[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240224121140.1883201-1-arnd@kernel.org>
Date: Sat, 24 Feb 2024 13:11:34 +0100
From: Arnd Bergmann <arnd@...nel.org>
To: Jonathan Cameron <jic23@...nel.org>
Cc: Arnd Bergmann <arnd@...db.de>,
Lars-Peter Clausen <lars@...afoo.de>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Bill Wendling <morbo@...gle.com>,
Justin Stitt <justinstitt@...gle.com>,
Uwe Kleine-König <u.kleine-koenig@...gutronix.de>,
linux-iio@...r.kernel.org,
linux-kernel@...r.kernel.org,
llvm@...ts.linux.dev
Subject: [PATCH] iio: avoid fortify-string overflow error
From: Arnd Bergmann <arnd@...db.de>
The memcpy() call in dlhl60d.c triggers a check with clang-19:
In file included from drivers/iio/pressure/dlhl60d.c:11:
In file included from include/linux/module.h:17:
include/linux/fortify-string.h:553:4: error: call to '__write_overflow_field' declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
553 | __write_overflow_field(p_size_field, size);
| ^
It writes into a two member array from a loop over a linked list
that likely has some indication of having more than two entries.
Add a conditional check there to avoid the overflow.
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
drivers/iio/pressure/dlhl60d.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/iio/pressure/dlhl60d.c b/drivers/iio/pressure/dlhl60d.c
index 28c8269ba65d..a43ecda849db 100644
--- a/drivers/iio/pressure/dlhl60d.c
+++ b/drivers/iio/pressure/dlhl60d.c
@@ -262,6 +262,8 @@ static irqreturn_t dlh_trigger_handler(int irq, void *private)
&st->rx_buf[1] + chn * DLH_NUM_DATA_BYTES,
DLH_NUM_DATA_BYTES);
i++;
+ if (i >= ARRAY_SIZE(tmp_buf))
+ break;
}
iio_push_to_buffers(indio_dev, tmp_buf);
--
2.39.2
Powered by blists - more mailing lists