lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 8 Jun 2023 08:15:53 -0700
From:   Doug Anderson <dianders@...omium.org>
To:     Su Hui <suhui@...china.com>
Cc:     Andrzej Hajda <andrzej.hajda@...el.com>,
        Neil Armstrong <neil.armstrong@...aro.org>,
        Robert Foss <rfoss@...nel.org>,
        Laurent Pinchart <Laurent.pinchart@...asonboard.com>,
        Jonas Karlman <jonas@...boo.se>,
        Jernej Skrabec <jernej.skrabec@...il.com>,
        David Airlie <airlied@...il.com>,
        Daniel Vetter <daniel@...ll.ch>, andersson@...nel.org,
        linux-kernel@...r.kernel.org, dri-devel@...ts.freedesktop.org,
        u.kleine-koenig@...gutronix.de
Subject: Re: [PATCH v3] drm/bridge: ti-sn65dsi86: Avoid possible buffer overflow

Hi,

On Wed, Jun 7, 2023 at 6:25 PM Su Hui <suhui@...china.com> wrote:
>
> Smatch error:buffer overflow 'ti_sn_bridge_refclk_lut' 5 <= 5.
>
> Fixes: cea86c5bb442 ("drm/bridge: ti-sn65dsi86: Implement the pwm_chip")
> Signed-off-by: Su Hui <suhui@...china.com>
> ---
>  drivers/gpu/drm/bridge/ti-sn65dsi86.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/drivers/gpu/drm/bridge/ti-sn65dsi86.c b/drivers/gpu/drm/bridge/ti-sn65dsi86.c
> index 7a748785c545..4676cf2900df 100644
> --- a/drivers/gpu/drm/bridge/ti-sn65dsi86.c
> +++ b/drivers/gpu/drm/bridge/ti-sn65dsi86.c
> @@ -298,6 +298,10 @@ static void ti_sn_bridge_set_refclk_freq(struct ti_sn65dsi86 *pdata)
>                 if (refclk_lut[i] == refclk_rate)
>                         break;
>
> +       /* avoid buffer overflow and "1" is the default rate in the datasheet. */
> +       if (i >= refclk_lut_size)
> +               i = 1;
> +

Looks great now, thanks!

Reviewed-by: Douglas Anderson <dianders@...omium.org>

Unless someone beats me to it or objects, I'll plan to commit this to
drm-misc-fixes early next week.

-Doug

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ