| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Feb 2021 16:47:17 +0100
From: Mathieu Dubois-Briand <mbriand@...ekio.com>
To: mbriand@...ekio.com
Cc: Tudor Ambarus <tudor.ambarus@...rochip.com>,
Miquel Raynal <miquel.raynal@...tlin.com>,
Richard Weinberger <richard@....at>,
Vignesh Raghavendra <vigneshr@...com>,
Boris Brezillon <bbrezillon@...nel.org>,
linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: [PATCH] mtd: spi-nor: sfdp: Fix out of bound array access
Fix array index: explicitly use the array length to access the last
element, instead of an incorrectly set iteration variable.
It seems this code was correct before following commit, were the
iteration counter is reused, leading to a value that may be out of
bound.
Fixes: dc92843159a7 ("mtd: spi-nor: fix erase_type array to indicate
current map conf")
Signed-off-by: Mathieu Dubois-Briand <mbriand@...ekio.com>
---
drivers/mtd/spi-nor/sfdp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/mtd/spi-nor/sfdp.c b/drivers/mtd/spi-nor/sfdp.c
index 6ee7719e5903..11cc5d19e286 100644
--- a/drivers/mtd/spi-nor/sfdp.c
+++ b/drivers/mtd/spi-nor/sfdp.c
@@ -881,7 +881,7 @@ spi_nor_init_non_uniform_erase_map(struct spi_nor *nor,
if (!(regions_erase_type & BIT(erase[i].idx)))
spi_nor_set_erase_type(&erase[i], 0, 0xFF);
- spi_nor_region_mark_end(®ion[i - 1]);
+ spi_nor_region_mark_end(®ion[region_count - 1]);
return 0;
}
--
2.25.1
Powered by blists - more mailing lists