Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp632579rwb; Sat, 17 Sep 2022 11:33:18 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4QSZj3389bKfl4U3KYo/rNAkIgyi/XfZqh2uHuttHPG1fBny31Q3GGxpSPQNFdCJJ7Asyv X-Received: by 2002:a17:902:70c4:b0:178:54cf:d397 with SMTP id l4-20020a17090270c400b0017854cfd397mr5493286plt.24.1663439598154; Sat, 17 Sep 2022 11:33:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663439598; cv=none; d=google.com; s=arc-20160816; b=juGdjNaqNE4ee9bwmLj2tRf+DjTRmQ3nNT7RjX9vJKQzQfdKovZ3a78L3s3oV7MJ2q oZkX+H4bxgjEuUxfBeN2G93nghT9u4LQrnhS2xJN8fF36EZPkIWZd9FHGJ/uXDCLMMj9 UUp0vkOc+xxbzpDeYdtKW0uC6cuP0bhipWV0rCzZiiOwn0PK8KSL14NuvImFwOJ9T1Z5 7rDPQQ/D92kiiQ57bxVWPDWfbPUJoP2/VVBD9vrFGMGxJbkJWwARC5eJUKO6EoYByVwh GoQPAPgLMiKAEygVfXhPOFAcJj0H8hDZcJvcTbUfZPisQGod53Jvg+qDaIB8Un2zLTpt OeeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:mail-followup-to:message-id:subject:cc:to:from:date :dkim-signature; bh=qGtCA6GrIp7QNC+UXHzEAxuLRFr7YzHkiSkScSTx7d4=; b=hQBBkDzvk7uv18sOEev7SBabWGyxcdwppxwapzn6xnpvyeSnDCHNIzH+b8qrfZDk88 4qMCejdr+IGNRWbim7x22pSIEm/aOfWv0WfyyIhJAeQ2yIwCKr7AMGFItTWjnKsS3SZ3 Hc497UE92VfJm//OZWoLELJPXeXv5U/qHeMkfDwLMM573Fu5QqTkLciggORC5sHOzjfM FQ57RFGA9EEfDdKqAQ+15A3FKeeU1f/Pg/XksX18Ts3Q2FwM0myoqj1KoaWvq58YvSpb QaPR6rCQ6kXdjIf4lvnjVm293JNphSXFDTxEMqmSkiKtE4C2RgXZsVvN1o0Z0e36Hl38 OToQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail (test mode) header.i=@sang-engineering.com header.s=k1 header.b="02Egre4/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o12-20020a655bcc000000b00434b5c7ddcasi26643118pgr.640.2022.09.17.11.33.00; Sat, 17 Sep 2022 11:33:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=fail (test mode) header.i=@sang-engineering.com header.s=k1 header.b="02Egre4/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229556AbiIQSOl (ORCPT + 99 others); Sat, 17 Sep 2022 14:14:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44596 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229533AbiIQSOk (ORCPT ); Sat, 17 Sep 2022 14:14:40 -0400 Received: from mail.zeus03.de (www.zeus03.de [194.117.254.33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EBAE911170 for ; Sat, 17 Sep 2022 11:14:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=sang-engineering.com; h= date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=k1; bh=qGtCA6GrIp7QNC+UXHzEAxuLRFr7 YzHkiSkScSTx7d4=; b=02Egre4/ULmKg2wqIhZjFL4A3U4sCT7/5Zr5tO9WP0kw t/ixP2ywMpXLMdV7wTbUltiUxG4wpwbRtvezklS/MwXjCR4K2FKn8m4xRQmu1Dfk OhOLX2H+B5aR1cSutAjW8RmQAwOMe2CYK5yg6Fn3AMVuXpywUVY2tNFVVxmmnMI= Received: (qmail 3856192 invoked from network); 17 Sep 2022 20:14:37 +0200 Received: by mail.zeus03.de with ESMTPSA (TLS_AES_256_GCM_SHA384 encrypted, authenticated); 17 Sep 2022 20:14:37 +0200 X-UD-Smtp-Session: l3s3148p1@7yZ6c+Pojq+5aIoe Date: Sat, 17 Sep 2022 20:14:35 +0200 From: Wolfram Sang To: Asmaa Mnebhi Cc: linux-i2c@vger.kernel.org, linux-kernel@vger.kernel.org, Khalil Blaiech Subject: Re: [PATCH v3 4/9] i2c-mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() Message-ID: Mail-Followup-To: Wolfram Sang , Asmaa Mnebhi , linux-i2c@vger.kernel.org, linux-kernel@vger.kernel.org, Khalil Blaiech References: <20220908173544.32615-1-asmaa@nvidia.com> <20220908173544.32615-5-asmaa@nvidia.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="HbfR/25l1tz8oMFa" Content-Disposition: inline In-Reply-To: <20220908173544.32615-5-asmaa@nvidia.com> X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --HbfR/25l1tz8oMFa Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Sep 08, 2022 at 01:35:39PM -0400, Asmaa Mnebhi wrote: > memcpy() is called in a loop while 'operation->length' upper bound > is not checked and 'data_idx' also increments. >=20 > Fixes: b5b5b32081cd206b ("i2c: mlxbf: I2C SMBus driver for Mellanox BlueF= ield SoC") > Reviewed-by: Khalil Blaiech > Signed-off-by: Asmaa Mnebhi Fixed the prefix in $subject and applied to for-current, thanks! --HbfR/25l1tz8oMFa Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAmMmDosACgkQFA3kzBSg KbZUcw//c5l2tzVxzZPey6OksmRVrBrnicCTM5L8GZBZznmd6/A9cM2uTkHhjA/t +HjaHSK0BJ1CXK7UeWbVGBzMMtdF4QR0IfmEgfZzQk6gwMUfJCqVHvyPyGnUuhVz z1xAatZlmQLnsarIIvHyMTyXA6Auyt/I7b5Ruj2mzSykeCzWyA86b8aplHXXQhdn rE23Mm2HwQMrIo6+3Kn+792eBceXyY5MFRmpdXgVJe0A7TdaJXGu8Rh8zh0zdlMg drzvwmQVDWbW1wQRPBLbVLzPjsMayNCNHzfN0A8SDxF5eOkdS8S9FmpsswAIDCmJ YbT0UKoDIec4Yh4txrTjqbRhlnypQy/1lJq1blwdogowZBvngzYA8Vz3IMSIPKXs qDh+iRHOohGZeR9yADOgmUFd+ZPiKK29n02SFSyOXCwOt9aoXZpN/CUhtrBHH+u/ oRR96STlCrj7fslgg84BUCzn8FW83BCzibStsxprYPN8inOc3ve1x7keHRTBo+7+ 1pDNf/IN6KMSElvlhzwQeYYDIwy4g01EEOFjm3dSv24YQGvGsS6DsQKuYybg24bm l7OYn9bdUM9YMlEVTnBIRDXVnFg5ZFotxHo4xc48POb1KEPpBhLdRnFs/2TIypcD b/5aVvQmpdg4R+yk8o2vvVnlZrm/qtTwlk1wTfQ7gUWFObrMPB0= =2yYg -----END PGP SIGNATURE----- --HbfR/25l1tz8oMFa--