Hallo Wolfram, On Sat, Nov 22, 2014 at 07:14:06PM +0100, Wolfram Sang wrote: > > > > + case I2C_SLAVE_REQ_READ_END: > > > > + eeprom->buffer_idx++; > > > You don't check here for buffer_idx >= ARRAY_SIZE(buffer)? > > > Ditto in the I2C_SLAVE_REQ_WRITE_END case. > > I just noticed that buffer_idx is an u8, so it overflows at 255+1. So > > the probe routine should error out if size is bigger than 256. > > But size is currently fixed to 256, so all is fine. Yes, if we extend it > for bigger sizes, all that stuff needs to be taken care of, right. yeah, it's well hidden, but true. So IMHO worth a comment. Best regards Uwe -- Pengutronix e.K. | Uwe Kleine-König | Industrial Linux Solutions | http://www.pengutronix.de/ | -- To unsubscribe from this list: send the line "unsubscribe linux-i2c" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
