[PATCH 1/1] regcache: flat: Require max_registers to be set
From: Alexander Stein
Date: Tue Mar 29 2016 - 02:53:49 EST
If max_register is unset, regcache_flat_get_index will return 0 and only
memory for 1 unsigned int will be allocated, resulting in writing out
of bounds.
Signed-off-by: Alexander Stein <alexander.stein@xxxxxxxxxxxxxxxxxxxxx>
---
drivers/base/regmap/regcache-flat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/base/regmap/regcache-flat.c b/drivers/base/regmap/regcache-flat.c
index 3ee7255..4d2e50b 100644
--- a/drivers/base/regmap/regcache-flat.c
+++ b/drivers/base/regmap/regcache-flat.c
@@ -27,7 +27,7 @@ static int regcache_flat_init(struct regmap *map)
int i;
unsigned int *cache;
- if (!map || map->reg_stride_order < 0)
+ if (!map || map->reg_stride_order < 0 || !map->max_register)
return -EINVAL;
map->cache = kcalloc(regcache_flat_get_index(map, map->max_register)
--
2.7.3