RE: [PATCH] pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> -----Original Message-----
> From: Dan Carpenter [mailto:dan.carpenter@xxxxxxxxxx]
> Sent: Saturday, July 14, 2018 7:03 PM
> To: A.s. Dong <aisheng.dong@xxxxxxx>
> Cc: Markus Pargmann <mpa@xxxxxxxxxxxxxx>; dl-linux-imx <linux-
> imx@xxxxxxx>; Fabio Estevam <festevam@xxxxxxxxx>; Shawn Guo
> <shawnguo@xxxxxxxxxx>; Stefan Agner <stefan@xxxxxxxx>; Pengutronix
> Kernel Team <kernel@xxxxxxxxxxxxxx>; Linus Walleij
> <linus.walleij@xxxxxxxxxx>; linux-gpio@xxxxxxxxxxxxxxx; kernel-
> janitors@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH] pinctrl: freescale: off by one in
> imx1_pinconf_group_dbg_show()
> 
> On Sat, Jul 14, 2018 at 08:14:41AM +0000, A.s. Dong wrote:
> > Copy linux-imx@xxxxxxx
> >
> > > -----Original Message-----
> > > From: A.s. Dong
> > > Sent: Saturday, July 14, 2018 4:13 PM
> > > To: 'Dan Carpenter' <dan.carpenter@xxxxxxxxxx>; Markus Pargmann
> > > <mpa@xxxxxxxxxxxxxx>
> > > Cc: Fabio Estevam <festevam@xxxxxxxxx>; Shawn Guo
> > > <shawnguo@xxxxxxxxxx>; Stefan Agner <stefan@xxxxxxxx>; Pengutronix
> > > Kernel Team <kernel@xxxxxxxxxxxxxx>; Linus Walleij
> > > <linus.walleij@xxxxxxxxxx>; linux-gpio@xxxxxxxxxxxxxxx; kernel-
> > > janitors@xxxxxxxxxxxxxxx
> > > Subject: RE: [PATCH] pinctrl: freescale: off by one in
> > > imx1_pinconf_group_dbg_show()
> > >
> > > > -----Original Message-----
> > > > From: Dan Carpenter [mailto:dan.carpenter@xxxxxxxxxx]
> > > > Sent: Friday, July 13, 2018 10:55 PM
> > > > To: A.s. Dong <aisheng.dong@xxxxxxx>; Markus Pargmann
> > > > <mpa@xxxxxxxxxxxxxx>
> > > > Cc: Fabio Estevam <festevam@xxxxxxxxx>; Shawn Guo
> > > > <shawnguo@xxxxxxxxxx>; Stefan Agner <stefan@xxxxxxxx>;
> Pengutronix
> > > > Kernel Team <kernel@xxxxxxxxxxxxxx>; Linus Walleij
> > > > <linus.walleij@xxxxxxxxxx>; linux-gpio@xxxxxxxxxxxxxxx; kernel-
> > > > janitors@xxxxxxxxxxxxxxx
> > > > Subject: [PATCH] pinctrl: freescale: off by one in
> > > > imx1_pinconf_group_dbg_show()
> > > >
> > > > The info->groups[] array is allocated in imx1_pinctrl_parse_dt().
> > > > It has info-
> > > > >ngroups elements.  Thus the > here should be >= to prevent
> > > > >reading one
> > > > element beyond the end of the array.
> > > >
> > > > Fixes: 30612cd90005 ("pinctrl: imx1 core driver")
> > > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > >
> > > Acked-by: Dong Aisheng <Aisheng.dong@xxxxxxx>
> > >
> > > BTW It seems pinctrl-imx.c has the same issue although it won't
> > > trigger real error because the second check causes the return. But
> > > the fix still applies. So would you send anther fix for pinctrl-imx as well?
> 
> I don't know which function you are talking about.  I'm looking at
> drivers/pinctrl/freescale/pinctrl-imx.c but I haven't seen a bug.
> 

I mean the same issue you fixed in this patch.
See:
drivers/pinctrl/freescale/pinctrl-imx.c: imx_pinconf_group_dbg_show()

Shoud it be the same fix like below?
        if (group >= pctldev->num_groups)
                return;

Regards
Dong Aisheng

> regards,
> dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-gpio" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux SPI]     [Linux Kernel]     [Linux ARM (vger)]     [Linux ARM MSM]     [Linux Omap]     [Linux Arm]     [Linux Tegra]     [Fedora ARM]     [Linux for Samsung SOC]     [eCos]     [Linux Fastboot]     [Gcc Help]     [Git]     [DCCP]     [IETF Announce]     [Security]     [Linux MIPS]     [Yosemite Campsites]

  Powered by Linux