On Thu, 27 Aug 2020, Randy Dunlap wrote: > On 8/27/20 10:49 AM, Zwane Mwaikambo wrote: > > This v3 addresses patch formatting and submission issues with the > > previous versions. > > That info goes after the "---" line. Got it, i misunderstood Greg's comment. > > con->partner_altmode[i] ends up with the value 0x2 in the call to > > typec_altmode_update_active because the array has been accessed out of > > bounds causing a random memory read. > > > > This patch fixes the first occurence and 2/2 the second. > > occurrence Corrected > > Signed-off-by: Zwane Mwaikambo <zwane@xxxxxxxxx> > > --- > > > > diff --git a/drivers/usb/typec/ucsi/ucsi.c b/drivers/usb/typec/ucsi/ucsi.c > > index d0c63afaf..79061705e 100644 > > --- a/drivers/usb/typec/ucsi/ucsi.c > > +++ b/drivers/usb/typec/ucsi/ucsi.c > > @@ -218,9 +218,10 @@ void ucsi_altmode_update_active(struct ucsi_connector *con) > > if (cur < UCSI_MAX_ALTMODES) > > altmode = typec_altmode_get_partner(con->port_altmode[cur]); > > > > - for (i = 0; con->partner_altmode[i]; i++) > > - typec_altmode_update_active(con->partner_altmode[i], > > - con->partner_altmode[i] == altmode); > > + for (i = 0; i < UCSI_MAX_ALTMODES; i++) > > + if (con->partner_altmode[i]) > > + typec_altmode_update_active(con->partner_altmode[i], > > + con->partner_altmode[i] == altmode); > > What happened to the indentation here? Too much. It was tabs to line up the parameters, i'll update it to just one indentation level from the function. Thanks, Zwane
