On 20.2.2018 13:27, Geert Uytterhoeven wrote: > Hi Michal, > > On Tue, Feb 20, 2018 at 12:27 PM, Michal Simek <michal.simek@xxxxxxxxxx> wrote: >> On 20.2.2018 11:38, Geert Uytterhoeven wrote: >>> On Tue, Feb 20, 2018 at 11:22 AM, Michal Simek <michal.simek@xxxxxxxxxx> wrote: >>>> On 20.2.2018 10:40, Geert Uytterhoeven wrote: >>>>> The cdns_uart_port[] array is indexed using a value derived from the >>>>> "serialN" alias in DT, which may lead to an out-of-bounds access. >>>>> >>>>> Fix this by adding a range check. > >> I have checked 4 patches I have sent in past which didn't reach mainline >> (probably because of RFC) >> Take a look at >> https://www.spinics.net/lists/linux-serial/msg27106.html >> >> I have removed cdns_uart_port array completely there. > > Nice! I'd love to get rid of fixed arrays in serial... > > However, IMHO it's still worthwhile to fix the out-of-bounds access first, > as that fix can be backported to stable kernels easily. I agree with you. Not a problem with your patch and for me it won't be problem to rebase. I would love to get rid of CDNS_UART_NR_PORTS but unfortunately this is passed to core via .nr. Thanks, Michal
