Re: [PATCH 1/8] of/irq: Fix wrong value of variable @len in of_irq_parse_imap_parent()

From: Rob Herring
Date: Mon Dec 09 2024 - 15:56:22 EST

Next message: Alex Deucher: "Re: [PATCH 0/5] Some more drm/amd/display deadcoding"
Previous message: Josh Poimboeuf: "Re: [PATCH v3 07/19] unwind: Add user space unwinding API"
In reply to: Zijun Hu: "[PATCH 1/8] of/irq: Fix wrong value of variable @len in of_irq_parse_imap_parent()"
Next in thread: Zijun Hu: "Re: [PATCH 1/8] of/irq: Fix wrong value of variable @len in of_irq_parse_imap_parent()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 09, 2024 at 09:24:59PM +0800, Zijun Hu wrote:
> From: Zijun Hu <quic_zijuhu@xxxxxxxxxxx>
>
> Fix wrong @len value by 'len--' after 'imap++'
> in of_irq_parse_imap_parent().
>
> Fixes: 935df1bd40d4 ("of/irq: Factor out parsing of interrupt-map parent phandle+args from of_irq_parse_raw()")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Zijun Hu <quic_zijuhu@xxxxxxxxxxx>
> ---
> drivers/of/irq.c | 1 +
> 1 file changed, 1 insertion(+)

Applied, but rewrote the commit message:

of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent()

On a malformed interrupt-map property which is shorter than expected by
1 cell, we may read bogus data past the end of the property instead of
returning an error in of_irq_parse_imap_parent().

Decrement the remaining length when skipping over the interrupt parent
phandle cell.

Next message: Alex Deucher: "Re: [PATCH 0/5] Some more drm/amd/display deadcoding"
Previous message: Josh Poimboeuf: "Re: [PATCH v3 07/19] unwind: Add user space unwinding API"
In reply to: Zijun Hu: "[PATCH 1/8] of/irq: Fix wrong value of variable @len in of_irq_parse_imap_parent()"
Next in thread: Zijun Hu: "Re: [PATCH 1/8] of/irq: Fix wrong value of variable @len in of_irq_parse_imap_parent()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]