Hi Andi: Thank you for your review. Andi Shyti <andi.shyti@xxxxxxxxxx> 於 2024年9月6日 週五 上午5:24寫道: > > Hi Tyrone, > > On Fri, Aug 30, 2024 at 11:46:34AM GMT, Tyrone Ting wrote: > > The smatch check warning is "buffer overflow 'npcm_i2caddr' 2 <= 9". > > The original design supports 10 slave addresses although only 2 > > please remember that the "slave" term has been replaced by the > "target" term. I will change it when applying the patch. > Thank you for your reminder. I'll change the term ever since. > > addresses are required for current implementation. > > > > Restore the npcm_i2caddr array length to fix the smatch warning. > > > > Fixes: 47d506d1a28f ("i2c: npcm: Remove own slave addresses 2:10") > > I don't think the Fixes tag is necessary here. This change is > primarily addressing a static analyzer warning. While some cases > come close to a buffer overflow, it couldn’t have occurred in > practice since we don't actually have the devices listed in > npcm_i2caddr[]. > Understood. I'll remove the Fixes tag. > > Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > Closes: https://lore.kernel.org/r/202408130818.FgDP5uNm-lkp@xxxxxxxxx/ > > Signed-off-by: Tyrone Ting <kfting@xxxxxxxxxxx> > > --- > > drivers/i2c/busses/i2c-npcm7xx.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > diff --git a/drivers/i2c/busses/i2c-npcm7xx.c b/drivers/i2c/busses/i2c-npcm7xx.c > > index 2fe68615942e..bbcb4d6668ce 100644 > > --- a/drivers/i2c/busses/i2c-npcm7xx.c > > +++ b/drivers/i2c/busses/i2c-npcm7xx.c > > @@ -136,11 +136,13 @@ enum i2c_addr { > > * Since the addr regs are sprinkled all over the address space, > > * use this array to get the address or each register. > > */ > > -#define I2C_NUM_OWN_ADDR 2 > > +#define I2C_NUM_OWN_ADDR 10 > > #define I2C_NUM_OWN_ADDR_SUPPORTED 2 > > > > static const int npcm_i2caddr[I2C_NUM_OWN_ADDR] = { > > - NPCM_I2CADDR1, NPCM_I2CADDR2, > > + NPCM_I2CADDR1, NPCM_I2CADDR2, NPCM_I2CADDR3, NPCM_I2CADDR4, > > + NPCM_I2CADDR5, NPCM_I2CADDR6, NPCM_I2CADDR7, NPCM_I2CADDR8, > > + NPCM_I2CADDR9, NPCM_I2CADDR10, > > Looks a bit hacky, but serves the purpose. > > The core issue in "npcm_i2c_slave_enable()" is the lack of an > upper boundary check, which could potentially lead to a buffer > overflow. In practice, we rely on the assumption that these > addresses don’t exist in the real world. > > An easier fix could have been: > > @@ -629,7 +629,7 @@ static int npcm_i2c_slave_enable(struct npcm_i2c *bus, enum i2c_addr addr_type, > if (addr_type > I2C_SLAVE_ADDR2 && addr_type <= I2C_SLAVE_ADDR10) > dev_err(bus->dev, "try to enable more than 2 SA not supported\n"); > > - if (addr_type >= I2C_ARP_ADDR) > + if (addr_type > I2C_SLAVE_ADDR2) > return -EFAULT; > > /* Set and enable the address */ > > But yours is a bit more robust, so that I'm going to take this > patch. > > Reviewed-by: Andi Shyti <andi.shyti@xxxxxxxxxx> > > Thanks, > Andi > > > }; > > #endif > > > > -- > > 2.34.1 > > Thank you. Regards, Tyrone