Hello Ilan Elias,
The patch 7e0352306f68: "NFC: Set local general bytes in
nci_start_poll" from Aug 15, 2012, leads to the following warning:
net/nfc/nci/core.c:427 nci_set_local_general_bytes()
error: buffer overflow 'local_gb' 48 <= 250
416 __u8 local_gb[NFC_MAX_GT_LEN];
^^^^^^^^^^^^^^
48 elements.
417 int i, rc = 0;
418
419 param.val = nfc_get_local_general_bytes(nfc_dev, ¶m.len);
420 if ((param.val == NULL) || (param.len == 0))
421 return rc;
422
423 if (param.len > NCI_MAX_PARAM_LEN)
^^^^^^^^^^^^^^^^^
Capped at 250. Probably NFC_MAX_GT_LEN was intended?
424 return -EINVAL;
425
426 for (i = 0; i < param.len; i++)
427 local_gb[param.len-1-i] = param.val[i];
^^^^^^^^^^^^^
Writing to the 250th element.
This is just a sanity check and nfc_get_local_general_bytes() will only
return NFC_MAX_GT_LEN max because of the check in nfc_llcp_build_gb().
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
