Hi Dan, On 4/12/24 10:25, Dan Carpenter wrote:
The "nb_firewall" variable is the number of elements in the firewall[] array, which is allocated in stm32_firewall_populate_bus(). So change this > comparison to >= to prevent an out of bound access. Fixes: 5c9668cfc6d7 ("firewall: introduce stm32_firewall framework") Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> --- drivers/bus/stm32_firewall.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c index decb79449047..2fc9761dadec 100644 --- a/drivers/bus/stm32_firewall.c +++ b/drivers/bus/stm32_firewall.c @@ -53,7 +53,7 @@ int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *f return err; }- if (j > nb_firewall) {+ if (j >= nb_firewall) { pr_err("Too many firewall controllers"); of_node_put(provider); return -EINVAL;
Thank you. Reviewed-by: Gatien Chevallier <gatien.chevallier@xxxxxxxxxxx>
