Hi Dan,
On 4/12/24 10:25, Dan Carpenter wrote:
The "nb_firewall" variable is the number of elements in the firewall[]
array, which is allocated in stm32_firewall_populate_bus(). So change
this > comparison to >= to prevent an out of bound access.
Fixes: 5c9668cfc6d7 ("firewall: introduce stm32_firewall framework")
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
drivers/bus/stm32_firewall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c
index decb79449047..2fc9761dadec 100644
--- a/drivers/bus/stm32_firewall.c
+++ b/drivers/bus/stm32_firewall.c
@@ -53,7 +53,7 @@ int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *f
return err;
}
- if (j > nb_firewall) {
+ if (j >= nb_firewall) {
pr_err("Too many firewall controllers");
of_node_put(provider);
return -EINVAL;
Thank you.
Reviewed-by: Gatien Chevallier <gatien.chevallier@xxxxxxxxxxx>