Re: [char-misc v4.4.y 2/2] mei: bus: type promotion bug in mei_nfc_if_version()

From: Greg Kroah-Hartman
Date: Thu Sep 13 2018 - 08:35:59 EST

Next message: Peter Zijlstra: "Re: [RFC][PATCH 01/11] asm-generic/tlb: Provide a comment"
Previous message: Petr Mladek: "[PATCH] printk: Do not miss new messages when replaying the log"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 04, 2018 at 01:43:04AM +0300, Tomas Winkler wrote:
> From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
>
> commit b40b3e9358fbafff6a4ba0f4b9658f6617146f9c upstream
>
> We accidentally removed the check for negative returns
> without considering the issue of type promotion.
> The "if_version_length" variable is type size_t so if __mei_cl_recv()
> returns a negative then "bytes_recv" is type promoted
> to a high positive value and treated as success.
>
> Cc: <stable@xxxxxxxxxxxxxxx> # 4.4

I also need a version of this patch for 4.18.y, 4.14.y, and 4.9.y before
I will consider adding it to 4.4.y, as we do not want anyone to ever get
a regression moving to a new kernel.

thanks,

greg k-h

Next message: Peter Zijlstra: "Re: [RFC][PATCH 01/11] asm-generic/tlb: Provide a comment"
Previous message: Petr Mladek: "[PATCH] printk: Do not miss new messages when replaying the log"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]