Re: [RESEND][PATCH] hwmon: scmi: fix potential buffer overflow in scmi_hwmon_probe()

From: Sudeep Holla
Date: Wed Jul 15 2020 - 09:00:55 EST

Next message: Vinod Koul: "[PATCH] dmaengine: imx-sdma: remove always true comparisons"
Previous message: Marc Zyngier: "[Stable-5.4][PATCH 2/3] arm64: arch_timer: Allow an workaround descriptor to disable compat vdso"
In reply to: Cristian Marussi: "[RESEND][PATCH] hwmon: scmi: fix potential buffer overflow in scmi_hwmon_probe()"
Next in thread: Guenter Roeck: "Re: [RESEND][PATCH] hwmon: scmi: fix potential buffer overflow in scmi_hwmon_probe()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 15, 2020 at 01:13:38PM +0100, Cristian Marussi wrote:
> SMATCH detected a potential buffer overflow in the manipulation of
> hwmon_attributes array inside the scmi_hwmon_probe function:
>
> drivers/hwmon/scmi-hwmon.c:226
> scmi_hwmon_probe() error: buffer overflow 'hwmon_attributes' 6 <= 9
>
> Fix it by statically declaring the size of the array as the maximum
> possible as defined by hwmon_max define.
>

Makes sense to me,

Reviewed-by: Sudeep Holla <sudeep.holla@xxxxxxx>

There may be other such instances. I am not sure if Guenter has ignored
them intentionally or just no one has fixed them so far.

--
Regards,
Sudeep

Next message: Vinod Koul: "[PATCH] dmaengine: imx-sdma: remove always true comparisons"
Previous message: Marc Zyngier: "[Stable-5.4][PATCH 2/3] arm64: arch_timer: Allow an workaround descriptor to disable compat vdso"
In reply to: Cristian Marussi: "[RESEND][PATCH] hwmon: scmi: fix potential buffer overflow in scmi_hwmon_probe()"
Next in thread: Guenter Roeck: "Re: [RESEND][PATCH] hwmon: scmi: fix potential buffer overflow in scmi_hwmon_probe()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]