The "nb_firewall" variable is the number of elements in the firewall[]
array, which is allocated in stm32_firewall_populate_bus(). So change
this > comparison to >= to prevent an out of bound access.
Fixes: 5c9668cfc6d7 ("firewall: introduce stm32_firewall framework")
Signed-off-by: Dan Carpenter <[email protected]>
---
drivers/bus/stm32_firewall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c
index decb79449047..2fc9761dadec 100644
--- a/drivers/bus/stm32_firewall.c
+++ b/drivers/bus/stm32_firewall.c
@@ -53,7 +53,7 @@ int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *f
return err;
}
- if (j > nb_firewall) {
+ if (j >= nb_firewall) {
pr_err("Too many firewall controllers");
of_node_put(provider);
return -EINVAL;
--
2.43.0
Hi Dan,
On 4/12/24 10:25, Dan Carpenter wrote:
> The "nb_firewall" variable is the number of elements in the firewall[]
> array, which is allocated in stm32_firewall_populate_bus(). So change
> this > comparison to >= to prevent an out of bound access.
>
> Fixes: 5c9668cfc6d7 ("firewall: introduce stm32_firewall framework")
> Signed-off-by: Dan Carpenter <[email protected]>
> ---
> drivers/bus/stm32_firewall.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c
> index decb79449047..2fc9761dadec 100644
> --- a/drivers/bus/stm32_firewall.c
> +++ b/drivers/bus/stm32_firewall.c
> @@ -53,7 +53,7 @@ int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *f
> return err;
> }
>
> - if (j > nb_firewall) {
> + if (j >= nb_firewall) {
> pr_err("Too many firewall controllers");
> of_node_put(provider);
> return -EINVAL;
Thank you.
Reviewed-by: Gatien Chevallier <[email protected]>
Hi Dan
On 4/12/24 10:25, Dan Carpenter wrote:
> The "nb_firewall" variable is the number of elements in the firewall[]
> array, which is allocated in stm32_firewall_populate_bus(). So change
> this > comparison to >= to prevent an out of bound access.
>
> Fixes: 5c9668cfc6d7 ("firewall: introduce stm32_firewall framework")
> Signed-off-by: Dan Carpenter <[email protected]>
> ---
> drivers/bus/stm32_firewall.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c
> index decb79449047..2fc9761dadec 100644
> --- a/drivers/bus/stm32_firewall.c
> +++ b/drivers/bus/stm32_firewall.c
> @@ -53,7 +53,7 @@ int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *f
> return err;
> }
>
> - if (j > nb_firewall) {
> + if (j >= nb_firewall) {
> pr_err("Too many firewall controllers");
> of_node_put(provider);
> return -EINVAL;
Applied on stm32-next.
Regards
Alex