Re: [REGRESSION] NFC broken on Thinkpad T14 Gen since 9c328f5

From: Jakub Kicinski

Date: Tue Feb 17 2026 - 19:21:27 EST


On Sat, 7 Feb 2026 01:25:29 +0100 Lukas K. wrote:
> > static const __u8 *
> > nci_extract_rf_params_nfca_passive_poll(struct nci_dev *ndev,
> > struct rf_tech_specific_params_nfca_poll *nfca_poll,
> >- const __u8 *data)
> >+ const __u8 *data, size_t data_len)
> > {
> >+ /* Check if we have enough data for sens_res (2 bytes) */
> >+ if (data_len < 2)
> >+ return ERR_PTR(-EINVAL);
> >+
> > nfca_poll->sens_res = __le16_to_cpu(*((__le16 *)data));
> > data += 2;
> >+ data_len -= 2;
> >+
> >+ /* Check if we have enough data for nfcid1_len (1 byte) */
> >+ if (data_len < 1)
> >+ return ERR_PTR(-EINVAL);
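
Review bot: the two new `return ERR_PTR(-EINVAL);` exits change what this `const __u8 *` function can hand back, so its call site (not shown in this hunk) has to test the result with IS_ERR() before treating it as the next parse position; that check should land in the same patch. In the lines shown, `data_len -= 2` runs only after the `data_len < 2` test, so it cannot wrap at this point; that stays true only if every later subtraction is likewise preceded by its own length check. Separately, the context line `*((__le16 *)data)` reads the buffer through a cast pointer, and get_unaligned_le16(data) would avoid assuming the buffer is 2-byte aligned.
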
>
> If data_len underflows at any point it'll wrap to some large value and
> the less than comparisons will yield an incorrect result. Using ssize_t
> should fix that.

Could you make this modification and repost the patch?

Keep the original author, since Michael wrote most of the code,
just add your Signed-off-by at the end.