Callers may rely on the block functions returning the actually processed
number of bytes, even if the requested number of bytes is larger, e.g.
when used in a loop. However the length argument is of type u8 currently.
This may result in unintended casting and side effects.
If e.g. length == 256, then the effective length would be 0.
Therefore callers that can not guarantee length < 256 have to duplicate
the following check that is done by the block functions already:
if (length > I2C_SMBUS_BLOCK_MAX)
length = I2C_SMBUS_BLOCK_MAX;
To avoid this change the type of length to size_t.
Signed-off-by: Heiner Kallweit <hkallweit1@xxxxxxxxx>
---
drivers/i2c/i2c-core-smbus.c | 8 ++++----
include/linux/i2c.h | 8 ++++----
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/drivers/i2c/i2c-core-smbus.c b/drivers/i2c/i2c-core-smbus.c
index 304c2c8fe..6fda43317 100644
--- a/drivers/i2c/i2c-core-smbus.c
+++ b/drivers/i2c/i2c-core-smbus.c
@@ -249,7 +249,7 @@ EXPORT_SYMBOL(i2c_smbus_read_block_data);
* else zero on success.
*/
s32 i2c_smbus_write_block_data(const struct i2c_client *client, u8 command,
- u8 length, const u8 *values)
+ size_t length, const u8 *values)
{
union i2c_smbus_data data;
@@ -265,7 +265,7 @@ EXPORT_SYMBOL(i2c_smbus_write_block_data);
/* Returns the number of read bytes */
s32 i2c_smbus_read_i2c_block_data(const struct i2c_client *client, u8 command,
- u8 length, u8 *values)
+ size_t length, u8 *values)
{
union i2c_smbus_data data;
int status;
@@ -285,7 +285,7 @@ s32 i2c_smbus_read_i2c_block_data(const struct i2c_client *client, u8 command,
EXPORT_SYMBOL(i2c_smbus_read_i2c_block_data);
s32 i2c_smbus_write_i2c_block_data(const struct i2c_client *client, u8 command,
- u8 length, const u8 *values)
+ size_t length, const u8 *values)
{
union i2c_smbus_data data;
@@ -638,7 +638,7 @@ EXPORT_SYMBOL(__i2c_smbus_xfer);
* transfer.
*/
s32 i2c_smbus_read_i2c_block_data_or_emulated(const struct i2c_client *client,
- u8 command, u8 length, u8 *values)
+ u8 command, size_t length, u8 *values)
{
u8 i = 0;
int status;
diff --git a/include/linux/i2c.h b/include/linux/i2c.h
index 7d4f52ceb..706357241 100644
--- a/include/linux/i2c.h
+++ b/include/linux/i2c.h
@@ -178,14 +178,14 @@ i2c_smbus_write_word_swapped(const struct i2c_client *client,
s32 i2c_smbus_read_block_data(const struct i2c_client *client,
u8 command, u8 *values);
s32 i2c_smbus_write_block_data(const struct i2c_client *client,
- u8 command, u8 length, const u8 *values);
+ u8 command, size_t length, const u8 *values);
/* Returns the number of read bytes */
s32 i2c_smbus_read_i2c_block_data(const struct i2c_client *client,
- u8 command, u8 length, u8 *values);
+ u8 command, size_t length, u8 *values);
s32 i2c_smbus_write_i2c_block_data(const struct i2c_client *client,
- u8 command, u8 length, const u8 *values);
+ u8 command, size_t length, const u8 *values);
s32 i2c_smbus_read_i2c_block_data_or_emulated(const struct i2c_client *client,
- u8 command, u8 length,
+ u8 command, size_t length,
u8 *values);
int i2c_get_device_id(const struct i2c_client *client,
struct i2c_device_identity *id);
--
2.35.1
