lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240110222503.2381599-1-Frank.Li@nxp.com>
Date: Wed, 10 Jan 2024 17:25:03 -0500
From: Frank Li <Frank.Li@....com>
To: frank.li@....com
Cc: alexandre.belloni@...tlin.com,
	conor.culhane@...vaco.com,
	imx@...ts.linux.dev,
	joe@...ches.com,
	linux-i3c@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	miquel.raynal@...tlin.com,
	zbigniew.lukwinski@...ux.intel.com
Subject: [PATCH 1/1] i3c: master: svc: return error when read length bigger than 255

RDTERM in MCTRL is 8 bits. Add a length check to prevent silent data errors
when the read length exceeds 255 bytes during each i3c_priv_xfer operation.

Signed-off-by: Frank Li <Frank.Li@....com>
---
 drivers/i3c/master/svc-i3c-master.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c
index bd10bb698da0f..181b56953fb28 100644
--- a/drivers/i3c/master/svc-i3c-master.c
+++ b/drivers/i3c/master/svc-i3c-master.c
@@ -1375,6 +1375,11 @@ static int svc_i3c_master_priv_xfers(struct i3c_dev_desc *dev,
 		cmd->len = xfers[i].len;
 		cmd->actual_len = xfers[i].rnw ? xfers[i].len : 0;
 		cmd->continued = (i + 1) < nxfers;
+
+		if (cmd->rnw && cmd->len > 255) {
+			dev_err(master->dev, "only support read less than 255 each xfer\n");
+			return -EINVAL;
+		}
 	}
 
 	mutex_lock(&master->lock);
-- 
2.34.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ