Re: [PATCH] iio: dac: ad3552r-hs: fix uninitialized data ni ad3552r_hs_write_data_source()

Next message: Dmitry Baryshkov: "Re: [PATCH 1/2] crypto: Delete Qualcomm crypto engine driver"
Previous message: Linus Walleij: "Re: [PATCH] gpiolib: Mark gpio_devt, gpiolib_initialized and gpio_stub_drv as __ro_after_init"
In reply to: Dan Carpenter: "[PATCH] iio: dac: ad3552r-hs: fix uninitialized data ni ad3552r_hs_write_data_source()"
Next in thread: Dan Carpenter: "Re: [PATCH] iio: dac: ad3552r-hs: fix uninitialized data ni ad3552r_hs_write_data_source()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Angelo Dureghello

Date: Mon May 25 2026 - 04:12:21 EST

Hi Dan,

On Mon, May 25, 2026 at 10:15:46AM +0300, Dan Carpenter wrote:
> If the *ppos value is non-zero then the simple_write_to_buffer() function
> won't initialized the start of the buf[] buffer. Non-zero values for
> *ppos won't work here generally, so just test for them and return -EINVAL
> at the start of the function.
>
> Fixes: b1c5d68ea66e ("iio: dac: ad3552r-hs: add support for internal ramp")
> Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>
> ---
> drivers/iio/dac/ad3552r-hs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/iio/dac/ad3552r-hs.c b/drivers/iio/dac/ad3552r-hs.c
> index a9578afa7015..6bc64f53bce9 100644
> --- a/drivers/iio/dac/ad3552r-hs.c
> +++ b/drivers/iio/dac/ad3552r-hs.c
> @@ -549,7 +549,7 @@ static ssize_t ad3552r_hs_write_data_source(struct file *f,
>
> guard(mutex)(&st->lock);
>
> - if (count >= sizeof(buf))
> + if (*ppos != 0 || count >= sizeof(buf))
> return -ENOSPC;
>
> ret = simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, userbuf,
> --

thanks for the fix,

Reviewed-by: Angelo Dureghello <adureghello@xxxxxxxxxxxx>

it looks like this may fix an additional overflow in case ppos is near the
end of buf[].
But i am actually missing the use case when ppos is non zero, can this
happen from shell "echo" ? Or some fseek/dd is needed to trigger it ?

Thanks,
regards,
angelo

> 2.53.0
>