lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5b203f2a-755a-448b-946a-f14d6060dbb7@denx.de>
Date: Sun, 17 Nov 2024 23:06:27 +0100
From: Marek Vasut <marex@...x.de>
To: Kees Cook <kees@...nel.org>, Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
 Linus Walleij <linus.walleij@...aro.org>, Arnd Bergmann <arnd@...db.de>,
 Luca Ellero <l.ellero@...m.it>, linux-input@...r.kernel.org,
 Alexander Stein <alexander.stein@...tq-group.com>,
 Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org,
 linux-hardening@...r.kernel.org
Subject: Re: [PATCH] Input: ads7846 - Expand xfer array to match usage

On 11/17/24 4:34 AM, Kees Cook wrote:
> Commit 781a07da9bb9 ("Input: ads7846 - add dummy command register
> clearing cycle") added commands to struct ser_req::xfer without
> expanding it to hold them. Expand the array to the correct size.
> 
> ../drivers/input/touchscreen/ads7846.c: In function 'ads7846_read12_ser':
> ../drivers/input/touchscreen/ads7846.c:416:18: error: array subscript 7 is above array bounds of 'struct spi_transfer[6]' [-Werror=array-bounds=]
>    416 |         req->xfer[7].rx_buf = &req->scratch;
>        |         ~~~~~~~~~^~~
> ../drivers/input/touchscreen/ads7846.c:334:33: note: while referencing 'xfer'
>    334 |         struct spi_transfer     xfer[6];
>        |                                 ^~~~
> 
> Fixes: 781a07da9bb9 ("Input: ads7846 - add dummy command register clearing cycle")
> Signed-off-by: Kees Cook <kees@...nel.org>
I think Nathan already sent a fix too.

Thanks !

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ