lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241108181813.272593-4-u.kleine-koenig@baylibre.com>
Date: Fri,  8 Nov 2024 19:18:02 +0100
From: Uwe Kleine-König <u.kleine-koenig@...libre.com>
To: Lars-Peter Clausen <lars@...afoo.de>,
	Michael Hennerich <Michael.Hennerich@...log.com>,
	Jonathan Cameron <jic23@...nel.org>
Cc: Mircea Caprioru <mircea.caprioru@...log.com>,
	linux-iio@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [PATCH 0/2] iio: adc: ad7124: Implement input validation

Hello,

here come two commits that add some input validation of the number of
channels and the diff-inputs property values. The first limits the
number of iio channels to 16 which is the number of channel registers
for both hardware variants and so is the maximal number of (logical)
channels. The second commit refuses invalid channel numbers, that is
8-15 for ad7124-4 and values bigger than 31. The initial driver refused
all input specifiers > 15, but this limitation was lifted by commit
f1794fd7bdf7 ("iio: adc: ad7124: Remove input number limitation") with
the intention to allow values 16-31 but dropped all checks.

Note that at least some of the input specifiers in the 16-31 range are
different and using these yields bogus properties. E.g. 16 and 17 are
for temperature measurement, while using these in the device tree
results in a voltage property and the respective scale and offset
properties are bogus. Still these were explicitly allowed in
f1794fd7bdf7, so I didn't refuse these.

These patches don't conflict with the other ad7124 patches I sent
before, at least git can apply the series in both possible orders.

Best regards
Uwe

Uwe Kleine-König (2):
  iio: adc: ad7124: Don't create more channels than the hardware is
    capable of
  iio: adc: ad7124: Refuse invalid input specifiers

 drivers/iio/adc/ad7124.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

base-commit: 9852d85ec9d492ebef56dc5f229416c925758edc
-- 
2.45.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ