Re: [PATCH v2] nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION

From: Krzysztof Kozlowski
Date: Thu Nov 18 2021 - 02:42:23 EST

Next message: Peter Zijlstra: "Re: [PATCH] refcount: introduce refcount_is_one() helper function"
Previous message: Jammy Huang: "[PATCH v5 09/10] media: aspeed: add comments and macro"
In reply to: Jordy Zomer: "[PATCH v2] nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 18/11/2021 08:04, Jordy Zomer wrote:
> It appears that there are some buffer overflows in EVT_TRANSACTION.
> This happens because the length parameters that are passed to memcpy
> come directly from skb->data and are not guarded in any way.
>
> It would be nice if someone can review and test this patch because
> I don't own the hardware :)
>
> EDIT: Changed the comment styles and removed double newlines
>

Same comments apply. :)

Best regards,
Krzysztof

Next message: Peter Zijlstra: "Re: [PATCH] refcount: introduce refcount_is_one() helper function"
Previous message: Jammy Huang: "[PATCH v5 09/10] media: aspeed: add comments and macro"
In reply to: Jordy Zomer: "[PATCH v2] nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]