| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAK8P3a2Qx4F50E3YAr0FQswD_Fg7T6wkmyaAtCOCnN6UcfqPGA@mail.gmail.com>
Date: Sat, 15 May 2021 11:05:06 +0200
From: Arnd Bergmann <arnd@...db.de>
To: "yukuai (C)" <yukuai3@...wei.com>
Cc: Harald Welte <laforge@...monks.org>,
gregkh <gregkh@...uxfoundation.org>, akpm@...l.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"zhangyi (F)" <yi.zhang@...wei.com>
Subject: Re: [PATCH] char: pcmcia: remove set but not used variable 'tmp'
On Sat, May 15, 2021 at 9:15 AM yukuai (C) <yukuai3@...wei.com> wrote:
> On 2021/05/14 14:28, Arnd Bergmann wrote:
>
> I'm not familar with the logical here, however, if io_read_num_rec_bytes
> may get 'num_bytes_read' greater than 4, this loop will cause index out
> of boundary. It make sense to me to add a range check. Futhermore, since
> 'num_bytes_read' is ensure to >= 4,I think we can change the loop to:
>
> for (i = 0; i < 4; ++i) {
> xoutb(i, REG_BUF_ADDR(iobase));
> pts_reply[i] = inb(REG_BUF_DATA(iobase));
> }
Obviously it still has to use the num_bytes_read value to determine
how many bytes were actually received, but there should be an
added cap to tell the compiler that this is never more than 4.
Arnd
Powered by blists - more mailing lists