From nobody Tue Dec 16 07:29:47 2025 Received: from AM0PR02CU008.outbound.protection.outlook.com (mail-westeuropeazon11013051.outbound.protection.outlook.com [52.101.72.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 49D5922B588; Thu, 8 May 2025 13:06:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.72.51 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709604; cv=fail; b=mDhkghoO3HxFO7M0DRHt9qKXwF+PfQridi8vdd3sws5BmZ7bZ9Z2lhd7KVEaVbFXunnWmUImeph5MRSEg1sLxSk6WiIqvmX68Xl4Yfm/6rlk5MsWUhSNpRKaKBqxIUYt6i09VrWck9GOoYvjkHGZ7LbvzPIF/DR5SMV9TVx3m9U= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709604; c=relaxed/simple; bh=bytdSOFTwJ15vx0O6fahikG6P99PIzOf0mBzTzxNoGQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=pw/3AMFPRxTl77sUZqJT+p96K0k1p26h1cUsRY2/zKszhc2wK+OCqRUvshLF/V4NRmSnxfXj9C6gkZR0C4sPGa3ecPLhpJKdgeTiV83KKnwUAX+Dq/np6YOPMhZc+y0p9+KSng/G0KlQVRnxeyvV9IX/3zdE1aXyUVCzT0B03QU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=bK4JCmUd; arc=fail smtp.client-ip=52.101.72.51 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="bK4JCmUd" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QJPde4QvM8ENV1ym6i8ETnl8WMdGqyyejpoDWYpZzpkuj5j5/BjSy00RCoLo3g9zEDTgyb45IxS2RQ8Q6Li69lednXtCIXt1Nw1TPx058ldqecSKBkP2v1tCsnihwQfBif68sXg9hrMahNCxGEFlJU66lAzpFt4N9HjYkQNRQ1sOJzFcsr4YQjFXbtnztox4vXR9WntSNPPf90hTWyj9DgJ/CnodKHpPzE4Fmv7CsYvAV5AsvunSHsowZVpgns1byW5jmO4kcR1gGWwSEDDkNaJvjFY2SXxCRRqzsAHysiFYLzOyDubGI7yyjtvyAGh+C41BsU4IzT+dZL/HJJ7QCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yP1+b4a/jprhbCwiHbwvZ/V/bgapdxOebcr2yuOU10s=; b=dOnCfnSYxajX92CeRnRR+eLAjNLqR+ZLKhjCNe2lbGbEwiCDve7UkngRr3VUQy4Sgx5vBLXat0oCAaDZ3VJfiFqZJef02qi3zShSyRvnNVdfsB79MLVI3EHi6EJtCM5ZNHLb4nqI/+xWlevT5be7HYwfuArb+tCA1JTmP7JtLbGAwxSMHhaucquNV2XO0w75NuLaPUs6CxVvCr8u8EN0Z9AfsnXFFofDo2vzFOo/c5pBzXNIRW2vq0oLryduwsAwEJhoFo+cpKA+HzFjAZsrvJbolPgssnG53JcTtM2cBcKQXJnuar9JMjRW9mDL9GFA5yTRpiVgiWejRW4CvXt7pQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yP1+b4a/jprhbCwiHbwvZ/V/bgapdxOebcr2yuOU10s=; b=bK4JCmUdwJVHAq5YOKyguMfiVYTggJLltbA7MbTwDlXEx5finKD5a70oCYL3X5Z0C9j6w4VJcaWixjhwoP07DRsf+veGRPlanTvKde7Oap6geqmA+46KEzHoV5bQzLBL9mvpIqQtA17amW+OgG1LmQcBoNZrjgOiH8Ck76DuV5vlyyeP26anDq13jo0Un2EMNcVh9kDHv/C56LoouJ557wZJyPjnJ2pMlul+1U6e1VdhlHytTNchMtzg/fObvx7eNGKvxhNg+oC8SNDJPtBHv4oAH7i6eCmuCcOm8whgVL4D0TH7sDtzrA6BHiH+zdRde7+8CJbT00v2CtCfT/kEEg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:06:39 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:06:39 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 1/6] iio: backend: fix out-of-bound write Date: Thu, 8 May 2025 15:06:07 +0200 Message-Id: <20250508130612.82270-2-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: ZR0P278CA0057.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:21::8) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: f45ad1aa-8e33-4d12-3f7e-08dd8e312bbb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?4g41KD/BF1zGc9DaCRQo0rmIo330lcFNUi5soR97oISUrBbJO83bWn5qDhdo?= =?us-ascii?Q?aig04D4w6jvnsDXyiB1vASF6WeQyUXXu/sGjMh1fJgnRsWkXUtF2FHj/NH9j?= =?us-ascii?Q?DGzuYh1zJWbxbiBZQzVzq5r36PwH3YXEaCQghA4pooV41puaNmtA7d22vER9?= =?us-ascii?Q?8SNnP/q3Ouk9psrZHLdvSba5b0z3+enNsFJ/wJov6NX4gOk2EDQWLmURFe9y?= =?us-ascii?Q?RHUvllyKhfl3ikl+BFvtWGi/g/Zu1UFcVWVGCVDyzoPypL0mQLlJ9GhIb+0G?= =?us-ascii?Q?XEq/YYJeQw+bI3KGeKEI2byik66Rv/ly0ciAKJTi+ZS2ywTf+6a50siOnslf?= =?us-ascii?Q?t1rfI5y9kProh9yl64TENwo0B3mWtk/GpB40Skw9clBlvct1m711eWHXyj3V?= =?us-ascii?Q?whCzr1jXwUsmZv84KPk37sNrJyvgMqrbB1lm3McudQBYTiuJ78t7cULOD4NV?= =?us-ascii?Q?hUVa8FxdP6YXufLOH/NxjkCSjAs3uuw6wdRLTEWr5Hti+miFKUUJZudIRJgi?= =?us-ascii?Q?IAd1ZIT+l++WNGzUP+RUZfxIm6wF4kkVKRs/JQlT/5YdudSVTGuAAHUjk3Kd?= =?us-ascii?Q?X66G7O5eYRXXRXAMnWwvXPbxq9RuDlSMBjQE/3HKB3zEx6N6lQIJbFlYFb++?= =?us-ascii?Q?5rln8n52E+9eEtT/+pYxawtRCh2U+sFCvTB5QlU+GyBCbwkQZ753YcuW+oW1?= =?us-ascii?Q?puH54z8uZ+tnlZhb4wHHeh70OFVHOjKiFY9bBIP9COFftdWh3ik2w0cyqPGu?= =?us-ascii?Q?ypByPa6+EVfCqY7HoKPvSuFGI1AaQYGVv3qVUxV8T0Vj3AwrvhSXGeSHB9F0?= =?us-ascii?Q?arVv+0/2nKjqQY/iw3oDQVkEPQ21H3ssDyrZ/NxczYljs0ivgpMTX73BA1e5?= =?us-ascii?Q?FNDQyGmlt83Za32yanlJB+ezSma0aOxtzbh0ELQwQ36JQ3nXN4nnh5pNaN5A?= =?us-ascii?Q?qQ4EZDa5WSKUuc4FQLiqy0RZucDC38hDkSeoh8F0k3yvPtgKMI882dTV2r+N?= =?us-ascii?Q?mcwDfe9LA5/peGUJDTsQeia9c2qQ1WaboI1NfeuTACxuaUCf6qHdCQrSx/UB?= =?us-ascii?Q?JoLRRC6fyhTsWpZz2594nZeNUIwXOZdSlIQLrxbAGFGYwNEjbeGNk0ByihEf?= =?us-ascii?Q?L4R8KYtGDgYjy74KAaP7iitY3tf2jTXzSfd3S+3aIX+1lL5gem4B9jbiaHaN?= =?us-ascii?Q?fHNDQseHwqnhpamIyptw8fHO3e/HEQwKOZB3iM7DeufdnikkUrWoS/VQuNYf?= =?us-ascii?Q?2xPIvhiaN+lxmWJdMcpLnS5Yzgv4obzJ9cB3llmzibEnyVragQW/L0SMkCm9?= =?us-ascii?Q?VOnlAfsu63r3GhikfbQbL6wFrIrUHwAgzM2knBv0Gy+3lJoljeEbANS2ErRY?= =?us-ascii?Q?qLuOE+ArQMwQJUwJJWRzyUczjZ4yahJIN9GbQqU7aSpycq34wX8yj/IaWe8j?= =?us-ascii?Q?oD0WVIiw3Yo6It2p6NedSpvaI3ibu5N/TA/PoRywRTqWkDJzxHfjag=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wcd1Nps0LT9CQu2M341ZLDlp6TBWPhfTaQ3GTBsNOrIMU88ZEnOhnaILtzZo?= =?us-ascii?Q?PSgiOdB42rD2G3Xpbhqwcs10OQH2um1JeIbOsYrhPMxTzXpg4YZHJMs5svAt?= =?us-ascii?Q?F6APvxpWuLfBY2PqNjtb4e/+FQ5dqImy06H7Mp4sbkWnfFHLVfTvuaZMqq0O?= =?us-ascii?Q?DKEVzNGLHJcxuclXcSOWejpuvgf9KXRRRl1QgMRfepatuHsaGnpnN8A1UvNz?= =?us-ascii?Q?V859SAooaYE0tjgZCVbBE0up2NEOvtVBPufSt66MZ+1zDIzKPGryoJS19J9S?= =?us-ascii?Q?xAiPQdNBmfqsYWYQhDP4jrF58ZMP6lsjqjE4NnkHqAhlLp98+me8yje6PUyy?= =?us-ascii?Q?LKIbWCuw/a4fBmAduK83sbmupVR2QxjP/bFUIGbeOEmoIMfILNo4m1Oo1X/G?= =?us-ascii?Q?8DJzIfWZLMlkumq1d1/AxoRCy5fHCjL1JM8I9NYa68r99hZmWNy9FECjRw5p?= =?us-ascii?Q?oSE4L83+oZXSgaj9e+WyrW1hu7opEdliN2zJWXj7gmD9Fu4KpW1YPuipBGP+?= =?us-ascii?Q?J4saLS8LkRoujbif1edb46tch6XayG2lIGpofxsZ7FvOt4pFJAgf/HA/KvU6?= =?us-ascii?Q?ZVVt0KINzivIRpjfrJsIH9VE6NVC6/n4bbGfM72Jr1EHZaDPz753PG56ymav?= =?us-ascii?Q?X+WNXlUTpGRh1O3FkJv2GSdRTsSkMmL8xsRiAFY1+Aybi8NUATyZc9+bxBXI?= =?us-ascii?Q?Sod23c5sApvp/7/abagL98HfQF6ycJgONildI9UwNDwc9zJzumuFctPvr8Ix?= =?us-ascii?Q?zAcI3iDYdl0NnbgSDVNQN17ZCrGu6CWgqXg8xslFPLeomdffX0L6Y65DAcWz?= =?us-ascii?Q?wcHCSvUdliQpMlAcW8SOgmLb/2YUJE+Gj1N8Gq1fXjar3oGf0lomzc7FGi7k?= =?us-ascii?Q?wL1J71lq/AzTgw+eb8/dwmN46UA4UrSwZhFvR2RNX2BMDFl2qXHQvcQifFQm?= =?us-ascii?Q?6X3Wk2xjGR/o3nlbYI4LJNmnjroK40wZDf2gFAPS973TrdCRFHtOOhemddCx?= =?us-ascii?Q?7NiFQbS+P+gidg1LKrc1uaVhsma0UYauBCVZZT2OPLOZl+s0b/EjEDa7t3bM?= =?us-ascii?Q?+80IMkF+buHLXRVo+V01QtDTtn3qj3JxrT7kQhJE6AoE28gZphynCku3T5Us?= =?us-ascii?Q?pZAFyLVo5h0GPGg7lCzSv2gKa8lsv7r7oC6VptQttiLWIL3cKAsHHS2jtcn9?= =?us-ascii?Q?WpbQlkmSdxCJaWA4uvTfBtkGot1aVkDbZ9i+4z04haEcIV+5JA0fKul9NHVb?= =?us-ascii?Q?xHuW5TdMmkyG43pxkmvzqmDbNkMeoIhuqCifzrVfBYcRH3CV29qR7mpYIGB3?= =?us-ascii?Q?6SOdbjGcqB3tEMem2Nh+BbShaT9STVirgFLDrGBfnOhGITj1sizsfPOH/+/M?= =?us-ascii?Q?R7167k2F4/eulV6IH/Ly/V2u46JPpYqRSWFPH7mPQuarwMnUHlpoL1YU5dXy?= =?us-ascii?Q?I2vG7lMeOdCURm6C7/av0bxb20k5BeJ7YGOL0fiKOUATpFork2ec1sp2t5dg?= =?us-ascii?Q?ilXS4LVfBFOMMD/sa8+6+9cLJY4jh6p+Nv/BumHNMpO9DJDTr5AJzhGP+9Mc?= =?us-ascii?Q?9no4TBwqoq1yB2wBdvcn0f0+KebvI1iiJ4VXrQcP?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: f45ad1aa-8e33-4d12-3f7e-08dd8e312bbb X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:06:39.6591 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: glK84L5gfgYhCrvlnnvmVZ4Oq0OK22CGzEffkaMO+ezr/VGuCH4fohYe0u49iWdnoMEt9aOub0HzgDBi3UiqBQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". But afterwards a string terminator is written to the buffer at offset count without boundary check. The zero termination is written OUT-OF-BOUND. Add a check that the given buffer is smaller then the buffer to prevent. Fixes: 035b4989211d ("iio: backend: make sure to NULL terminate stack buffe= r") Signed-off-by: Markus Burri --- drivers/iio/industrialio-backend.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/iio/industrialio-backend.c b/drivers/iio/industrialio-= backend.c index a43c8d1bb3d0..31fe793e345e 100644 --- a/drivers/iio/industrialio-backend.c +++ b/drivers/iio/industrialio-backend.c @@ -155,11 +155,14 @@ static ssize_t iio_backend_debugfs_write_reg(struct f= ile *file, ssize_t rc; int ret; =20 + if (count >=3D sizeof(buf)) + return -ENOSPC; + rc =3D simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, userbuf, count); if (rc < 0) return rc; =20 - buf[count] =3D '\0'; + buf[rc] =3D '\0'; =20 ret =3D sscanf(buf, "%i %i", &back->cached_reg_addr, &val); =20 --=20 2.39.5 From nobody Tue Dec 16 07:29:47 2025 Received: from DUZPR83CU001.outbound.protection.outlook.com (mail-northeuropeazon11013009.outbound.protection.outlook.com [52.101.67.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 37FEB22ACEE; Thu, 8 May 2025 13:06:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.67.9 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709611; cv=fail; b=QvxIvHTc5r2zyOET9diD0V7Q7TW7kVC98Ch2h7UmwxoFgLgKnImlhijjB3UID1GgNHTdIRJULYp8lavP9F8Wx44d3YqK12MS+YlrHKw2fDh000uo+b7eLUkpH6wnXINo1Vp+HF6aaaZSwfaftihuA32W0bq2Q2h6fDjt6RhYowQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709611; c=relaxed/simple; bh=WiQElBmuKPOXjYU77V+5INeTBD9vf/ZwbmAnGwlO3i4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=lgVIG1+eKV3li6Vx1v47ejlRApB++6mmu3GdHS14YEWGM6RGYL6BT1ETWM1c2EXsaLLr9boXzEj4/d+Nr71uPpErWWSM5AFonTXVV6WXCHSt/rQJY1HlaABY4V6YH4O5UqyZXbq+saq/DeWhLVK805ESaADRmgRvxB4rkAR4z6Y= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=bJX7/dM5; arc=fail smtp.client-ip=52.101.67.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="bJX7/dM5" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IWChFyzo6+NvmL+O4YCILsTjsRrvpUet8updpRGptj3J1Z9v46ABe091CMaRIxap1MgUJGqGnnt2oAlCdv+YGDxczcdozw7usoRebjBIM5GialM+07lrAtime5Zdx7iR7UTsyqkL4xokB+kByxQmeETU0t/irpEAJtRWdxk3xYyi8CtmhVwAlLZKf9uaX+pC1mv/mkgXuK656oY2Qnj554TeneypReg3zVKF08Cz1sRv87573erntYNSIF+2EYh8JCQmZaZbQGsreN3zR4uN2v1MuXRtLweKz2rGkqYdjRDyNM+/15h7mhknOwQdziBPOoIw3ozGvzTvULwCNq95sg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Wcc7V2p9rP4FBr/q9IqBtFrBLynDNbO1DlOf8x3nEj4=; b=XOEipGS7OrCmKUy69PWW0wnxtWTWEl7aIhBXoopjQ86AB66dC8Gagv0RUbgnSMHWXFsNczy/0m1QJET6QQ9Z0qyY31xy2oBCKr66X1fzdgOFhWKzW085/igBHqWwdOC1c7VXqlF4BoxoJLY4EfkpHjJMZ07tPz8ItrWSSIGsGa3S5Q+t5uouQKrnI9XWVOHsJMK5iWs6vxtB5zu270aqD9CZvXtq+AZo8XelJoRLvOZiMtu17vK6UTvWq42HIiCJRre3gR1PZZEK9CbRZXxJvMCgIHjNdl/E6ZAMo6MaqR7vrfzwobsUoYJxegBBPZLagNWxcE2CnvskPNyxL9H61g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Wcc7V2p9rP4FBr/q9IqBtFrBLynDNbO1DlOf8x3nEj4=; b=bJX7/dM56Ux5gfmzpgQ7MLe7fxd9Ov1t03CUmrW3RiapZW6PXTmrZawXuBjBcidHZRKk6Uib1fMSwpp8OS4zjj7km+r+mrdABo+McksRkDJVmypdFbcjHdUljRHgHD88CQ+bO7DU/aicsQYn9odqseISg6fMuIY5hKeZIJCtUSZnyDhLk4wEhRblpj19MVZRhBIM9RQaLyyVCUlSEwnJKdAfZUnF5L0BKJ6T98IK5ZWQ5Ck7CCsM1NXOiCMAi1PW62fon01iUW7PiX3epyBjRWzV6rUZv2j8b8zMJo7Lcpc4qzY/iMV/WDXZYp6RYid0WGa5gw0J6yG3wa4w4WKC2g== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:06:47 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:06:47 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 2/6] accel/ivpu: Use effective buffer size for zero terminator Date: Thu, 8 May 2025 15:06:08 +0200 Message-Id: <20250508130612.82270-3-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: MI2P293CA0002.ITAP293.PROD.OUTLOOK.COM (2603:10a6:290:45::17) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: 24541412-6257-430b-e1e3-08dd8e31306a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?/WDciwgZChe42bjLagepN2dPRLjpGwMLjWrCavVg9C6cQMM+2SSCbAwdouRU?= =?us-ascii?Q?Ds8D/nKsOu/GzR7oboyBBqkjBUrMBxcs0hTd50ZxHEgghKmxU3qxBIGfc7PG?= =?us-ascii?Q?tMcstVIuVVXDaiG/zY2CFw155KPONsJMwyt5F1Zzp7ItsJkRRhvPoQn67810?= =?us-ascii?Q?OAC2MYwPpa/E0Rth6XkcW6NmZ8dEOpxzdUPKPI5W9QR0BY+DdUfwWsDsKhDA?= =?us-ascii?Q?/XZs6VB0eFC8m3XVXF9EVS/Rtv+xke6+4Fa5RHUiSGUUQWaoZzCe0gI2UzN5?= =?us-ascii?Q?DUhgFj3hkkRsRyv006bUHSgzXEdTAJwSmlk+VX9Ht28R8J6ief4t2gdmspIf?= =?us-ascii?Q?F17DKq6ixr/ttUNzn2sOKhqUazewrn5DS6hWWJqmWz1ai05MutyyseM2k0uH?= =?us-ascii?Q?mzYrpoHNC3jshagEfkdqc0C2F0KRicF6GlDoOTzlWj+xfaDBr5B6WuHkuF1y?= =?us-ascii?Q?fkYlxZ7Ovtm0sN+9Ocr31LRAMmxKqiupXqN1nBJMsAsP81xzXtM52jGLJQWC?= =?us-ascii?Q?GaXme0kMzmjplaezlhfOV0oxSj27A8BxjJ99g1dI3UHjYjNYov1oCTi6AzYh?= =?us-ascii?Q?iOJ7un7cT7qHt8On4gmiCZhOrTO5jbTdnbuzJ/wzHR/dUMx9zx0gSRZHXLua?= =?us-ascii?Q?TPXGcRZAd2Q7icFGQ5QmAVVg6QXH6K8/SUJmILO9FMxlqQzJc8ywRTxCIP28?= =?us-ascii?Q?Z+mcRR8l0sBcvt9X3aYzmLu/Xd4b4GMqpxhR1QOnuBWr7Cg3sslGCiaECqrm?= =?us-ascii?Q?dlt0rNiA4+iAx3usTA0E+tl8rQYaQOgd3rkai++LzaZ9HN/fPd1T9vFdv3bU?= =?us-ascii?Q?rLrKzW5tBHW7ntYtVcR6PH6peIJ3DaHwTVXmh5GjHIZTifp5tLElDmQxlgZS?= =?us-ascii?Q?8q30fkznVT34WptfGFqZfYF0wBLxYLwmsRVs9yAO46iIdrJJBbbC422qbJXj?= =?us-ascii?Q?BjeA3ah/A4AUSkoj6LFKHL1XBgWMu5eKcwo2ofjZ8RHwfUOlFRy3uJPATZb7?= =?us-ascii?Q?b8oK6w3QJIM+lNzAA32jHb0DK2PYhl7MvKYfF1wWAKu+Bm6gJbYrbTgnsg4+?= =?us-ascii?Q?reGJREP3uA699P280mXNXboNsa559CNIuaJm8UhqsfGOGdrhh7k6w+ddu8xy?= =?us-ascii?Q?kqK4AP6zMwQdacDgq9y0pLst8p6i0w+9l1rVnMNdbLvog45UznoTmk7UM4Yg?= =?us-ascii?Q?I72uE4q6kKGxL8i0ZbnSWLoNYum1DbjhUFYdyervvZsObYXOIHv77gBi+ufV?= =?us-ascii?Q?GbWLJnt8XEeJSjT4FJ4d7wbmoSQeA31VmwX0f/gGJ7iakwa/NxOj8wifn46V?= =?us-ascii?Q?XO2dGJ20agvY80mkgeX+coTUBYoaaAQqd6TsXBAneE9sY+RKVrluThbbwAjx?= =?us-ascii?Q?PNvhlJzeGD/2HTFfkvfa29E1QSYYB+vo+Q7OoHX8cbPY0BEsFrYjz2+9buGE?= =?us-ascii?Q?bwEyzNLPB6EE6EJYKIsb6NNI+/+4sHvGjo5f6OEDQNvOxMk+4u1U3w=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?25tNyk8jrcFyrOgTW2uNc9gzTaw8JYRVeZVkBzUgtbIO1xXWZKP4KbDBsc4r?= =?us-ascii?Q?Gd0R/LInHYSE4W/4PnPItzToo6QfMA8uM/vyoaCJqjW1D5AQln+MCYhnhLF1?= =?us-ascii?Q?BfKdoM6GIuQLF/gorwcbw3FG5HetK1rDmzacdHhhmz6PBfM12mHSYnuyCVf1?= =?us-ascii?Q?MM4eDIK/lwkB8pYDiox6KJi/aUQD9Vhk/SlUC8jz99PaFVoy0KGzJs7Xh3ny?= =?us-ascii?Q?c/8Bch9lSVE7JVpZ9csqeGa0fBo+0pGrDpNsk+i6Ocdo/ljNEraGtH1UybDM?= =?us-ascii?Q?YK35RCpd0NX0taDf3aMbUYzmaQj2ICYNln5RXg4x16lcE9A4Bw5uLA1leH07?= =?us-ascii?Q?lDCyl9x1IipyHLVfW0+SOOl28YGgSWKYPJh1doss/TZ7gj7PKfXQda8MqCk7?= =?us-ascii?Q?Tu36wxNL32SZJtdGhMZwkPRXoQdqPdeHvOZXN4+GoLzFThYMzjWtmykgRbv+?= =?us-ascii?Q?BripIqSJQLt5orOs9TNeQS8JqwfD506UJII8xfMbW0Qi6fn0Dt7jU9C2A6FP?= =?us-ascii?Q?s307OQQJTQhfiBqIbfBCGOzNQfa8Iuh/epzo0tt3nOhdVwPG4+tTUxCsH2rH?= =?us-ascii?Q?Dvx/oOFTLlurWUNhKYnhD3lHX7KXQ1vYSCNqzVBKfbMWbhMgWJ+dX3Z7+fp7?= =?us-ascii?Q?mmrXfMLeSKCbf4iCaaMQjsquPOY5Ymhh44ZqaUPC5N2Vx2+PAq0qnEm72ZKc?= =?us-ascii?Q?vptZmxOnOnAYmYTGFY62RohuAWWp1Gfq8cXLMoKtTWmkSGNANdFJZEqdYofd?= =?us-ascii?Q?Ffw3fR247xG0o1zm5+Egc+aAOS5SN8NZr7zqde7LXblc/OfUUfnyZ+wvvsre?= =?us-ascii?Q?tDllCJ2e5/OUHdedIgWEUBMIsXiNNtIh8D7VRhci1hiR9nnx6IXNDtviQA/i?= =?us-ascii?Q?DXA3+d79QPzMPiyNA8OU8HoH8O6TU0Fwbp1QqPHLT6Wk0ewlJqLWWcV+M0tj?= =?us-ascii?Q?xxopYHYqLecC65uYDRrluTgLgMdp25aEpGYgdllcpitq7B3SrWvFmxuhDxC2?= =?us-ascii?Q?UbeIa9UsdoQ90EZWfIfyvm7DfCTy6Y8fanrKZgkUeCchO2j0OUgnsl6mQFEu?= =?us-ascii?Q?SmO0r/hinskOqu3FD7KAWDv1Wh/WR7bhDwWzSQ88dZBMPhMNtPC/ThGyC+Fn?= =?us-ascii?Q?55ykWMx1XGLL0jWuNXa01tID5U5z+Put+rYvdpV7JIhSAhE/rg6Iu2xjjreA?= =?us-ascii?Q?E1vDRyUliL0P1Pi3kpd68UNXd2OjZgEQqtlrxyd1z9ZlJqX7UjlGym9CbBUf?= =?us-ascii?Q?i+t7A3kv/LXwdu1QooE2I43r5fvqjeZERIUIvjG+p/CD0dk02X2vYLk21+4Q?= =?us-ascii?Q?TavoqLW2VKxrexjQXEdyKyFs+eY1HDrLkzLGPP7tm3flj/Sg3a3L55a92f7C?= =?us-ascii?Q?2God9jSCZLlWqdKDjIWsdpfwGSSPhAzHgDB3sezG+QY1Yo1lvblqExC5Oatq?= =?us-ascii?Q?9yc1qb2lkgXqEE7R49BeDHYZLO/JYHOsJCWfxqIuy5eLJVDsNufCZgJLGm29?= =?us-ascii?Q?pwKu8Dg1In+xA1OJnd7ED/CC3CgJU9tSWkbCNIGY9wm2hPfg0QdxgOSaAMDY?= =?us-ascii?Q?pXPAYgAbTMKJ4LgUepRJCP8jizV532SNQXVON8y6?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: 24541412-6257-430b-e1e3-08dd8e31306a X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:06:47.4420 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5Hs3enyRHBV3/IIw6NwF/adMyABPy02K5WNnjBlKqc8g5/5W2LyjauWIMxbccfP0/rhaWw2XmL85b7VEPVngvg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" Use the effective written size instead of original size as index for zero termination. If the input from user-space is to larger and the input is truncated, the original size is out-of-bound. Since there is an upfront size check here, the change is for consistency. Signed-off-by: Markus Burri Reviewed-by: Jacek Lawrynowicz --- drivers/accel/ivpu/ivpu_debugfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/accel/ivpu/ivpu_debugfs.c b/drivers/accel/ivpu/ivpu_de= bugfs.c index f0dad0c9ce33..cd24ccd20ba6 100644 --- a/drivers/accel/ivpu/ivpu_debugfs.c +++ b/drivers/accel/ivpu/ivpu_debugfs.c @@ -455,7 +455,7 @@ priority_bands_fops_write(struct file *file, const char= __user *user_buf, size_t if (ret < 0) return ret; =20 - buf[size] =3D '\0'; + buf[ret] =3D '\0'; ret =3D sscanf(buf, "%u %u %u %u", &band, &grace_period, &process_grace_p= eriod, &process_quantum); if (ret !=3D 4) --=20 2.39.5 From nobody Tue Dec 16 07:29:47 2025 Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazon11013044.outbound.protection.outlook.com [40.107.162.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EF32B227E87; Thu, 8 May 2025 13:06:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.162.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709619; cv=fail; b=g1b5BMZ6xUrw313F4KvPypLLUIIayHRfrUYyJI9b2t3Z38sqP/nyYT/xgYae9cnZAmYPFEjREhAYvZGTBlLIY7zWTK23Yz67/LZu4Q7Jj61lZCW7qYyvz2+c5GqibTvqWhYVTGrkklM/ImufjVlIEiPXN4r1G7lTmXgx4aXIyhQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709619; c=relaxed/simple; bh=vlnMzlXSRKggMJ3XEkytmbgJFrFq6L8FQT6+37O/XMI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=MaEzgfLwEtkCKZ8TPaysiDffn13Zd7OflysePd+jf9r5K/5kPA7x7auKnQc/VPUERBUHxepv6DAT8jHakU3nBTm9LRzpB6A6fV25dwJqzrliE5rEi1bQNQXf87bMI0XnRhFoJxfup3vgWYOQ/P+sL9RkCCt/7+Xb3aaK3PjON5I= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=skQK5h6w; arc=fail smtp.client-ip=40.107.162.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="skQK5h6w" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NoM88MTYRT3uoYSNp6XEeuxuXN6jbTo6diQvg/4YCYmDMPOVO82SNhOUmVJ1jIvYxVYINyhu8Mu+HLJZNLcNIfy6wLpALjSWqM4JJvGlgG4cvpZ852THnLynPZKHzA89AEe+5EUqwI66LkpzxMjk/KA4nq9c4Jt44WcUoJ4QbaBunFgch1Jd86f3zz17uGYxrZ+Jef/pFsgq8OwFB7q4ub4OSyUllWXjWZ4SLJ1SpC3s7ebIDbbTCCO6BlQG2vQHWLiouQpuO9r3S9u5uDnn+2W6bpV+nKhRRpXZgsirNSyjQ+f0bNb4AHbCs/tkqY4VmOCZZ4EYWuOuwDSl1HAfpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VRDR/onfdWCuzRRmPokvPr/QmVBJp1A2uHl38EGDFFs=; b=NmSTSxkcCF48l+4mKNx0P/isvQKrb/BOO5pcA21P4G/8RxIj0fswH9xGnsKKhx91UotqVnptceDukGe5UQG6UTP8t6awo8jHzAU8+NEgik4wiwio2IxHGW+Uxqo5jBe+zFn5lyIebvjlFkqV424aVRW/dQhnaRe2yhjopvkFwe5JCLjjfNCX9FownjR4hG7jnQEJm+Xgv+Oi4ADKkkb5+w7MMayeX0tWpf+Y5tJwrfWwATEfcK3/eP/Ov7Rgl6VIGD0Gdc+8AMz4athx/5zs6CbYfD14x9qQgw/BGE/c6+nIY4SpXyMz0u5977eHy49seinE6zhRH4kxVd04urFoTQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VRDR/onfdWCuzRRmPokvPr/QmVBJp1A2uHl38EGDFFs=; b=skQK5h6w4o0EIPnCb+YWdjaUdySUHrcMkc0TTsLddxXiNO4M5Hr3yidf2jchjPW2jrNVnhZGvy9vr/drGPn0n9miPaRWM31aLUl7TDe3Fas4OEayDgi2xqhh0NrZCglc9Md+7GUETmgTrEbPFEG86eff4Qt6HetxvKzrS8/jof9qejZ4OLuBvTWeEgGbHl0dFlDuNMcb5pO/RZYmxBC7/FqhnH862UPfva3dqyLjE+jBH7UbCL2ZSdum3XD/YF/RX2xhMCgoo8vwmv+MLIN2O88RZbGriC2KbP6eSG01awg69t0I/D2msG6JeyCYmou1VMnSDTTGGKjSxtHkjJ2nlQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:06:55 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:06:55 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 3/6] iio: fix potential out-of-bound write Date: Thu, 8 May 2025 15:06:09 +0200 Message-Id: <20250508130612.82270-4-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: ZRAP278CA0006.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:10::16) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: acd65b42-e60a-4848-d383-08dd8e313527 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?3XPYURECBMz6fAEhTDgi69k8o9VhuM5rlAxI7Dd9NjRdxvz0DhjLYhs8z16k?= =?us-ascii?Q?KF2WmDy4kJgXu8feIXMrYSEj4YlN7uQ4fBqzD/NXBqUppLq/0aCLRTJGzypB?= =?us-ascii?Q?nWAqnt6QpyX0NRAPd81OmOChx5UaN5GtbYk2qPPU9CDQMBMPEk2GyQOfZlMG?= =?us-ascii?Q?vcNkAg8hBmuftlKtdGAVca4r8lbpUpTNI1bdKDgXwFaZmp/hXIQ9KXFj8KYO?= =?us-ascii?Q?ETjpibs+5nyKWiVXe7c0kGuk7MkGyhBoJzqXqApQZKO7+xzpqBFKUMD/jGtl?= =?us-ascii?Q?h+sAmCnHsGLIhodk/0LpDemPAMhYON5ZWlj5gLkC6JvR2vaZ0pTzC5GtRYGw?= =?us-ascii?Q?dtnOi9RpOCoFk3JLoiSKxrdAax/HIPBKedeJm8eGyxKeRQ8Nvqo4aUcaqLEL?= =?us-ascii?Q?i41YlLxwyKjO24WpEjqulaesYkXjuvX4ixm8LozUmNbqmFxQjcmQqU/pgOOQ?= =?us-ascii?Q?oXhh4CdScqx7S5rQ6gbhiWtewmiuA0rMKayW1I/Yjmnm8DV+k21cY3d81mQa?= =?us-ascii?Q?L6GhmOIzL3wJHWhN+T6lvjHH4G/EtQ71RVdtijxYmoZrNE6vJv6eNbLl+Bii?= =?us-ascii?Q?kKjDpciNILWei0AVFUUXOYXwajVo9423MI1Yuyqy0egFDoXSDePdUeWH+VQT?= =?us-ascii?Q?1UaWsLuSoojArJA4nM5dA5xfnZRsQtdAXI+vChMp+sav0viCRyDNVZSLYs2I?= =?us-ascii?Q?ADTsEFzV5Y5S/5SLkLB78OoCMcw5u8yKgtwDEh9yGDkLHQO3YremCmTGzFHL?= =?us-ascii?Q?uqad2rTFj7xsNxzW9zLVwgP+dAbDK5gAmo6vWuYIq8moRd0gVVa5TrKtlE/2?= =?us-ascii?Q?SpoA1/hiO1bn6qn1/UB5oYje1cdESfR1GRARt2MMzHRWxx2uEr8kKL/StAJV?= =?us-ascii?Q?fsVXL3m91+gFKymx83kpY4dU0oLT3AQ4VBsTrOr5BLxBYIEYNt/tewnXD682?= =?us-ascii?Q?Ht3AthXGYSLIp/z3tb6vZ2UND1uA25Sivp7iQUqOr/ydTtLHPjZr5AxLwiI7?= =?us-ascii?Q?D0mMd8ObHVHuZ2d/HeyfqPb5PZm+fYuUFguzDR1kytUjPnS1CheOoyxCNoXo?= =?us-ascii?Q?wbNrj7KPgttY+chd5tj3C59LcJG6LG2Rdlf91Rn/7A4q4myCAxc/mh3i5bwQ?= =?us-ascii?Q?w2lv/KiEkGH2k4S2kw53Oj1oAv6vXTUYPdJiJr3vFNvSftydimI5nNo2YPGs?= =?us-ascii?Q?LckMSPwXephIe48ojlHXrsKHayM+zVsesc/5zeFF625nqvKKtRmjzhwcvC9k?= =?us-ascii?Q?zHzow7Yv3+mLlzYY6XLs6TqGkwQkMkxk/mDICDd7riR/ZnWouko//lC1bQAc?= =?us-ascii?Q?wbSk0zhKtPq4z6rlSUjGwzurLcbpxzQOa60z2DNxkWBZHPogALbl4HXkxlRH?= =?us-ascii?Q?PShX9Mam/9eSm93j/NS48yDrnJiqCJMlZ4TekAgI8kFatryRfZk6GQMAM4BT?= =?us-ascii?Q?OlEBcz6p0jiXHky75v6VgsEx6a15Uh/Fros6buUtiHG95wsfqfm8eg=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?G7TZt4CvpD0XR8WQZsF6nqIGynQ78sbX5LPNdN14B0OHNwsZoawpuQRZhW5Q?= =?us-ascii?Q?6NL21wxTl0AsxldA+2GzSy4CDsMXCOyfPfZkyZCmFJKekNSemhB/OHOKbezW?= =?us-ascii?Q?8PVlwTZZkFAtempfGlJ0mA3cLjQv/yKZ8zQfz5N88rohZh1p5rTi2SsGqnVv?= =?us-ascii?Q?bAkpNELA+2lCSzgC3sCuFOGWeybC3FY5wB4kT8HtZ7CrFmM/UTnGBU/6MtdR?= =?us-ascii?Q?JD86CEtKNMUMqyQfmg7K0luwsy/zc7RRO3EKtXbH0FnNXDQlSxZl2IICsHcX?= =?us-ascii?Q?gyebZHDhxxuuPtElx6MyqlJpTMnDz95c7kcQwGNvt9+pIWExaP1U/psJBe5B?= =?us-ascii?Q?sDlYyaKv8QOJ8UjM+LcHJGzL/sWD9wycNWDU6JVjYT0YJOdpd+xnGBF2XmG3?= =?us-ascii?Q?KcutGC614qX+7d2A53g+iFyB3ValuUeAwG/7Bc07UsFNMfVkWdQCBRYqHvyZ?= =?us-ascii?Q?N7EpzIo/vBe6TNP48Iz8m3qqsaWVcxmjZS5PfzmRiIZkWGn+b62Mv4NXwbGa?= =?us-ascii?Q?wBj3cOy/0ycuj2rgWZEzbuqAgNT4bRKYonozDmB+hGv9V2JS2v2+5VYP3jy2?= =?us-ascii?Q?T4UtEla0PPtO6zL9wPifdlLAbMChC2ulD+JODtkk4hs993MEq8TfdvM/PUWu?= =?us-ascii?Q?QbLvTKPc5XNOP3hYV7uO0r9HX8PR2OR6MWfeC+8a/kAPfbASIo+nyaJHkrdo?= =?us-ascii?Q?pZVjbdoawqAl9o9AwtSKd+SdQWMyNkSoSxhrEg1b+TZSUfSLU25tcJK0NewK?= =?us-ascii?Q?0e0XHuRFEbFvpYsiMpciLZLq58ITq10Vf3NjCl9W2VgdIP/RGBpEcRoG6a3w?= =?us-ascii?Q?lXGtjVscTZml9dlu+FoTd6B5SVj7q/tJNpMyhzna6CbFdvipGMBa2d11F7zn?= =?us-ascii?Q?8fOU0GMLppGBxgSsqE4DlOJya9tFHlorZQDqCmxbmf9D5OuXlu08HbJ+SFWs?= =?us-ascii?Q?SQuufD/aDACieYMJP949CGexWLps7pyRQ5FW5547HyrCF1IcYTp68xcss4EP?= =?us-ascii?Q?Mt28W/Z/3jNIqUpBP/zPkszDBfjdYCVV561d3QiEdjAsjL2JyBbymuqpgSfw?= =?us-ascii?Q?7f00nSjKuNbN2/x28V1VNizYquP51EeCySC2rs3FsZiSc/yorF1vZSv4El9U?= =?us-ascii?Q?U1mXpoAM/IP07bPVzr0ONieLcxAU/ZSM0JhjmemAWU4xXKmxxHKSbZgp8Yy1?= =?us-ascii?Q?4zVVzOwKNmMQQR3h27LyhDKjFK8SYgkaWmwW7vtenFb5UcCWU+pQAwxP7PMt?= =?us-ascii?Q?ORmJE7x2tfIbNi8enbZYxSy0RD5znp3wuU4YSGMgccZX19QE2egRNUwwwl00?= =?us-ascii?Q?q4JfpLHjI9lCKLT5r0rYcYEN7SRTEZdVluedTKFMUBPkWvW4cbGbGNcKGktO?= =?us-ascii?Q?MwJYirHguC6Rg05oboD2MFzOkUMaBjXvRz2b2E9n4C43HjeQAQLSjsuMolQV?= =?us-ascii?Q?mD6wA4KMhJRrLjShWdrvqwdE/DikwUtnyTWsj4GidBdfCvTDJ3PuFf/OnFUt?= =?us-ascii?Q?AqTTHsqdbUyQLeyc1VGCsOIsQ2pmQRnG0OVq3i+/+Z8Lx3byQidSv//rC1g7?= =?us-ascii?Q?bQn795tdCGGFi8OFr2Nl1yJtZpw6qvulEv35wWlT?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: acd65b42-e60a-4848-d383-08dd8e313527 X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:06:55.3602 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: le+jr6sQGJ5ZrccxKg/zDx57d9n6NW0FXP9xtZRwpmfcvdoRicEoBLKcOHy5ycGodIK5NS2Zff5/WqtCx9iHcQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". To protect from OoB access, check that the input size fit into buffer and add a zero terminator after copy to the end of the copied data. Signed-off-by: Markus Burri --- drivers/iio/industrialio-core.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-cor= e.c index b9f4113ae5fc..ebf17ea5a5f9 100644 --- a/drivers/iio/industrialio-core.c +++ b/drivers/iio/industrialio-core.c @@ -410,12 +410,15 @@ static ssize_t iio_debugfs_write_reg(struct file *fil= e, char buf[80]; int ret; =20 + if (count >=3D sizeof(buf)) + return -EINVAL; + ret =3D simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, userbuf, count); if (ret < 0) return ret; =20 - buf[count] =3D '\0'; + buf[ret] =3D '\0'; =20 ret =3D sscanf(buf, "%i %i", ®, &val); =20 --=20 2.39.5 From nobody Tue Dec 16 07:29:47 2025 Received: from MRWPR03CU001.outbound.protection.outlook.com (mail-francesouthazon11011047.outbound.protection.outlook.com [40.107.130.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE55122B8AF; Thu, 8 May 2025 13:07:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.130.47 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709627; cv=fail; b=ACokURqORUd3RWV1BZZK+KVKCBeLRih35AtuEWzANhtcVFeYTOSsa0nRkYg2Vqfd7TEhl5SwEnQFnYq3EN8ZWSvUnQGlWr7LQujdios9c36At90sIas9hQOpf8YGVauCiLgCRbbSfQjBK8Hh7DmPUT+u/pcMqTMl5nu5udfJtTM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709627; c=relaxed/simple; bh=D9Zfy959BpNUXPiLAfPngwy0Zd6ha9BfcppO9djMeWk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=k3V0XyGbeLOzsOC2twBLwSNaaM/wlmsNThY57v/fUrryErIEtxkLHmPdfXgE4BYeZRlaJCU6YcMoat/nPT+zwlUBAG3ZFt5qE5hSt1+HvwdjzThcQUzB+03uGDOSVzBDOdrBlycwosYchvc0+zuLrpHKjvEqLyAPiEQvVK8pgNc= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=iizF6Iw2; arc=fail smtp.client-ip=40.107.130.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="iizF6Iw2" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=zDBf+54gTaufHajsNWZUGSiH6ewEVZ7ZL6EPpRq+pbe4F8+jBXa7kKm7+K0ozRwD0BWqecUZDOE5jp60OMUzgal6YMk9iT288Xi+urh/+77HdRt7K9tgU/+tMobQIjOruaQweBsTpg45+xiSIpZGCdj6+TZkou41dLmd/duEy8JfkD+2FMCwLD7cbNWAJSCcGDdMhhnBaDianxhua1yAFv1v4OQwVA+BR5i+2uH1oAy4Q0Mlg8IqmJX0hMrgTm5DoJJrTc3Cbd31VG8Ljl9UM0pn8tluFoD0mf1VXkLZnMBn23/okXy6QXUplcyk2aVKwQe82QZuHgHXkVh2jLOr0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tmKj3I0cfwPhHUm8bLliVD/icz5F07yr/jMTgyoGZfc=; b=p6KjqoQdjfciXoUI47ePDV7JQsJrpZbXAjSV7F/efYaYbMUx9n3LH0ALrHFs0IE1KDJMUow3dc86XNG6Nx0pyP9s4z3W0GSBFzJByF3nx+ORLJC1MeOuiPcZqvLVSqk7yRCbWTrCrxjRyG1DebvfK0wdABVZjziUnL9x1A8zrNFV7MX9p/LuB3ojAunaFaKSkkbn7hcHZE7c4SlHHdBHr4AvT8WOmlEg0WlLWYP6i0YlzpWpgBmeRMX9plozdeWdvIoGlCOOMwUlFKZxmz5w/pJHa6yPDZ++ucNd1howFXdHpdHx3UCPSL/uYYSWeXklBRl5TCdGROHFJrn1VlehGg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tmKj3I0cfwPhHUm8bLliVD/icz5F07yr/jMTgyoGZfc=; b=iizF6Iw2SPmRURHrZhTRIIT562pfeRii1XNKGCbgqWBgdEXx4/cmsKMSWwTJ4ZoLYXKcRLnIbUyHyFz94UBj6ptsglxDHuqF75oAQpoGidJOV1u+0tWl9ZMRPnp15lAGRnrq8dcESWUKYCx6pSTSN5BQHWQjyhq6lYwNSc7eOB/v3+zvxs17zkazlEmWsa42MVWKePcX9rFlvosjRSGU2BLlhPHOVDVwwWSxPDjFhJqEAEJhaLB4e+NQhxPXuz+XDbt1XfkadkGYX8EzMi2aLb9jk33iANIAi1K5Vl/dqOWq2k33kNE3SrLQGrcitvZjTmzURz5KbH9EwPjDGmWnYw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:07:03 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:07:03 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 4/6] gpio: fix potential out-of-bound write Date: Thu, 8 May 2025 15:06:10 +0200 Message-Id: <20250508130612.82270-5-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: ZRAP278CA0007.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:10::17) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: ee0868d9-91d8-48a3-35cf-08dd8e3139e9 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?CN7EeLrZ2p4J1Bs6h93Hza8PNBfYN0reYAr6F4tf+d5eZUXibjb/vSynrHCI?= =?us-ascii?Q?sv2bel2+YL7rDlwai+EBGKSh+4R+h7YJdhG0LOpS4I3YOjjWMtVZMfqvos1J?= =?us-ascii?Q?UfbbInttTzV4Ci2kuyTZE3z7cmMfgqjfIL80jNAwEzZwGcetlBDOUMjzkWx4?= =?us-ascii?Q?bsWtFnzReTFSPgMUcgntVrEBoOjS01ebXPwtZo78AVZaxIMbxZuF/RnPT3Gb?= =?us-ascii?Q?frfj43I78u1j57G8a+cmqszjvWSmrW3BF8PuywFGpxVmJAGVvNT1YSe19603?= =?us-ascii?Q?P8ZvPhK65KVGJplaZZy76ReOZbrLguMVrqzToqiJnIXKRRhoaNJ3Hpj9Fvt4?= =?us-ascii?Q?aGK1ue57Ndm3lj21q2pN3KLzFB773LCCntUcO+qkbj7A8fKuRQIJoPhGpuzV?= =?us-ascii?Q?N2eNSAJwlNEhP+IPmEzJSVsb0wuW0n50bUAGtA7BesIloBvrGb39WBEInfUt?= =?us-ascii?Q?GL7dgYcYk3LKWKAKBlaWvMSIq3LDzaMdLeQKlZyjblzDvS0FzQtr+lG8X8hz?= =?us-ascii?Q?RbYO6tCw1JRuExG274jLONrVRYgsZtcNzleCxpW8wKF/2JXO3NWoOYT8UPpx?= =?us-ascii?Q?zTo4OFsnTD6kFOuijP/5Czl+oA9EC/vQdC8FCHVZSyPjvfXkaYEGrLQm/E11?= =?us-ascii?Q?15vbYG1LiT1D8BuVhRV/2MKDQNJHFO7EJSKoanhzAjmRMBG+rWdgNFs8QWj1?= =?us-ascii?Q?T3Wh7Uif+9lmwiJeYsjl864N8PPrDA7cSuMk0OXwl6HEdXSmw+9DoTAp7HeW?= =?us-ascii?Q?EOoKQEYemM6HYTeIc+1he9MDJ61KeDb1dbT8OtUECt6G+0x7bwbvPBdiSMaP?= =?us-ascii?Q?Xbjwb55qj5wjRBeUfqumjQwii539aptCFuW4/bXyULgif8ewsUc5XrgG99OU?= =?us-ascii?Q?BxPYGB97zbgh9peAk9piWyHh1Boudh3QEuGZjtyE1Ea+VG2l55OpQAqAdaRG?= =?us-ascii?Q?Ez9GJF17ycefX2rn+e2hXXlQP8oJTFg9/i5wFIG/CPNF2J2cMIC15X4zuXJr?= =?us-ascii?Q?TxDvBGAgw+rKatyBRSRGL8r3tYfkoeCESRAwzpewhRn3P8ZJPZQxJS2X1+/Z?= =?us-ascii?Q?kOHhjs68yfhBFA8NQKgjl69iCw2yIVp3LnhXspRxYdzy/aupNUvA/RRXRK00?= =?us-ascii?Q?zQ7ufGrJoTcb4f7UL3e2zml0iFTvQxURJMd+JdFx9BDjeeFEBsgxacWMGz6e?= =?us-ascii?Q?wVztfWQkLkkhF1VtpKYPtKTn80sJ02ONGCm69rzPvrHWEgp9XAPX2byqWFFL?= =?us-ascii?Q?MnrKP/ru2ZysG7/RGTwCCV0rIijxIrhHYLyp/kYXy3rcHuDC042W5MYOgBpQ?= =?us-ascii?Q?9SVQtNOHZVsZCdR91nKY2AMD0xP6G0QOLLFHML9adt5rtxM7LcSgxV6m3cDf?= =?us-ascii?Q?hX8t3eUrPh1vLcvT8SAUb7vu262CI4qXQCRD588Yb2XhEbqqEioD0VNuOOxD?= =?us-ascii?Q?JUz0dbWqweOKK3D4tA6o8+uemBqzdzHt07nUSRttPr5WkHyGIV+3iA=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?nKIOQrLbFA0QK4RbcllreIEyEl1t6Y7ZBo0EGVF24TWWXYZcr/5vxQ4tBwBv?= =?us-ascii?Q?s/vWUb7toLMk731E3yr589Hpg05cWh8xnBJ+M0mg3otDI/TPfecv7JAYOl/Y?= =?us-ascii?Q?r98yUsbQhQGeBFZJLxctNjGYnMviElZ9pqFjc3LoAqQ522zVUenPhuT5E8xs?= =?us-ascii?Q?1CbKs8PvhVTt8yIlTGIgZSP8U/7vpsPy48epZ4gcGhOrlYM2OlbaLxlk8lp6?= =?us-ascii?Q?DlTkTWpJHLrmQWhrvOsrIg7WUpQe3637z52yGFNgBetNzhyfkksDUtFMmnPx?= =?us-ascii?Q?L3UmdhaiZXez0e0S3QfdX7nx+hDRPjsOwOUQl5rco8xOYCz34Hd0AND2vfoH?= =?us-ascii?Q?lQzpCH7Nz1nRWR7N2nKeJwABSZ/nW5M91rAlkwDsoHv6Lhq5qnJ8o+WSRLC6?= =?us-ascii?Q?BRzZ3+sS2G2IK+ng24J/rt7gNGSYdoZe/ja/G2UU0caRjOAgvaXrfb+OxvWG?= =?us-ascii?Q?2TB4y/xDhehvB1xMINF2LaDCk6eU4Ot9nEIGLj0RxtOmTx6GnCyA2dWku54Q?= =?us-ascii?Q?CL1vLykeGtfnGRdPGaDCnv/eRB6qEAUy/+hSK1U2S1nbujrdKKTRtujjEiy3?= =?us-ascii?Q?2pvjm9lPGRG8+JimWk263U8LO95EHreTz4ZR0008KcOxxd1ZLwz9th6yhZ6Z?= =?us-ascii?Q?I5neskZ2aFzNozjH0At+4ZX+LVcYA2qy+wxRtQLLXE6Fcjx72GCJP6/2t9pe?= =?us-ascii?Q?kjXBgDzFRyfzLQMCmwpK7E/Y76LffE3qTK4iPnyXac7+TchtLWws0kSTtyLz?= =?us-ascii?Q?iJFF7+CSoK1pyH+OiygVDEJeWlNb+9U/MxIDdVKlgQIOghhhNhhIjemI/tmm?= =?us-ascii?Q?qaTVD5LX6L6awKoOOBjtMfOxtPveMAzxnEchxVrykjRlS+chERFilrk4UdHQ?= =?us-ascii?Q?Ez06/1TjiFCKAziTXDL2QWltHKBd3173pw0qO3oWgKPbDqwVlmbqwqj5LzUB?= =?us-ascii?Q?XXsikWSUvw3j8beDkgbUVCTTg8yAIuM26IIlFBR9OJCKGfo/dt8xFYqsS29y?= =?us-ascii?Q?9UKAQJiPC7yJvlMakjyO00lwJiMr5Ge2lIbFCBx8I4XxY/Br3t/7bpEVbBmb?= =?us-ascii?Q?J2OMyuiOCmnPMAd63dRva3jAcKNWFA3O7zXnp+ayJWqNpQoYr9xGRBNR1ajy?= =?us-ascii?Q?qlKTntJz8agqduisAKqvWBNWpolcKyed2DlLgmdAp6qqVAWlsKvTi2iFP76e?= =?us-ascii?Q?kJlxS/f8wEPQPuAgK39gr0EdyKjtAB3rfc5FyLnRsveqa2X9Gz3mwQEgjcKY?= =?us-ascii?Q?DqpCYdZ///6umTXutbc51Jv9ElXgY/ytYgaraENmSb5MgXZCn35od80NeOMx?= =?us-ascii?Q?WeRZJVOrpl1/Vn5v4avTtl3xHtdonxsSFpqtDCe6XQNhHVJ0H8cwS5SKtRx8?= =?us-ascii?Q?Opx3XHdWi7sSI0L4lQjbYxDLR6E1/pskcqu/6agS0zrlkbA84kRF3tlLo+bp?= =?us-ascii?Q?GTg9e8IO/+6vHvux+kYQ9cpgB8XFVIEXnAYVmXs8YpceM2OXfr5Ae6+jlL2a?= =?us-ascii?Q?WpVrgYhdcdHBfLWK1lcqskdGjPa6OX1dpoo0wF4tvxsnZG5V0tlw2eDknitD?= =?us-ascii?Q?bE86PYildXvwzWWitrN0hdzdmnD59y1jGvJW9fMU?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: ee0868d9-91d8-48a3-35cf-08dd8e3139e9 X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:07:03.3648 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 7Tkg642MgrvkQqvJynpwN67/YKMsJrUQqrIR0dlGnk4TZ1McMTRuns2OxmW2j6i/XM60i60IrQ4DuUz3uMy8xQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" Check that the input size does not exceed the buffer size. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". Write a zero termination afterwards. Signed-off-by: Markus Burri --- drivers/gpio/gpio-virtuser.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/drivers/gpio/gpio-virtuser.c b/drivers/gpio/gpio-virtuser.c index 13407fd4f0eb..9f3c491f5af1 100644 --- a/drivers/gpio/gpio-virtuser.c +++ b/drivers/gpio/gpio-virtuser.c @@ -401,10 +401,15 @@ static ssize_t gpio_virtuser_direction_do_write(struc= t file *file, char buf[32], *trimmed; int ret, dir, val =3D 0; =20 - ret =3D simple_write_to_buffer(buf, sizeof(buf), ppos, user_buf, count); + if (size >=3D sizeof(buf)) + return -EINVAL; + + ret =3D simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, user_buf, coun= t); if (ret < 0) return ret; =20 + buf[ret] =3D '\0'; + trimmed =3D strim(buf); =20 if (strcmp(trimmed, "input") =3D=3D 0) { @@ -623,12 +628,15 @@ static ssize_t gpio_virtuser_consumer_write(struct fi= le *file, char buf[GPIO_VIRTUSER_NAME_BUF_LEN + 2]; int ret; =20 + if (count >=3D sizeof(buf)) + return -EINVAL; + ret =3D simple_write_to_buffer(buf, GPIO_VIRTUSER_NAME_BUF_LEN, ppos, user_buf, count); if (ret < 0) return ret; =20 - buf[strlen(buf) - 1] =3D '\0'; + buf[ret] =3D '\0'; =20 ret =3D gpiod_set_consumer_name(data->ad.desc, buf); if (ret) --=20 2.39.5 From nobody Tue Dec 16 07:29:47 2025 Received: from AM0PR02CU008.outbound.protection.outlook.com (mail-westeuropeazon11013042.outbound.protection.outlook.com [52.101.72.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 128BC22AE5E; Thu, 8 May 2025 13:07:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.72.42 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709638; cv=fail; b=gPBTskq+QWIqDeM/uCLOFN00MV+jmaJ/M3ODM1/1QmxcylM1CWNNjm8TB3b+W6svhEps1Sloe+CBLoCZ/at1kUNcaiYlGo0XT09kRpMvYaK3WR+IwHTHZM6R/ToAbuC6XFt2UDgcWQ4CkF1a1gH+Gt/nbkp7XBLrwEkmGyxZItI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709638; c=relaxed/simple; bh=tsh74Q0MdhPIR1Zj3v4HiKOyTX8e2UIFoD+IBErfiCo=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=sRrUTwJ4griFJvnNYoezfHCPewbRb+D/jefjLCo4QcotYuhTEU96Oo+zWLABF9HxxI442RpiKVqd9t9fWZRBrUx5OHllOOm9OoYERRquyBl2d75cWQRLvVAcn0PHXyZWq+W14vwbzaq1jgKaPiNDGn5p9hyD/tpO64RBepLVVpw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=gqm5UuuJ; arc=fail smtp.client-ip=52.101.72.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="gqm5UuuJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=bXT3XxDZneGsl4DD7W/UbKsBnsDeL4AeTyTRzbRrITQYBiGw9txxZEx5HAajvtwQWxMSEod/IWleeask5J+IEzHbpn2x607cwXG/ZfwNcWgkpfNNlPuEyfAIxhuw2ubXRXssqw7Rz7Tk2HJf4oEp3mKLdiCUHibhyRyV0hMKqKoJ22E/Z+GhhZBgzP0+NeyKlKHqKxz/LgtkwVtYQ7nH+m9R1HPSpv4IZZlkwbrGfFjCK8ADyxfXukAFRsKx1kPQHKKRiToPNw3AIrhEkBfkcC8yp2qzZPfqtiQm9LaIqjmYAFJA5ZaXRQojjrLB1uLJv2d6IOmQbszAaaV1uwC7cQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=S5F41WSHzCATAWBZl/xM7lrGyq/XeH1P31zMh2fxr/g=; b=W53Ci65v9L9u2qX+CBVGm9KuMkwi983EMw87O+7A9U4063vlQuiEvwOJVTRnaOuscZpu32Q9AEOrhrvaObdUdrKNYCuG2cJnJ39ksXp2avf7O4xXmEHRgIANUc+DtSf+sYSoDL5n6PCYxyJvTGRcWawHwoMcvevjE9SmiYIzOGXxHaXCewJtWOAYQFu4317S8C6CHzwgT/cU4vfT1H7bNqAY/IxFqdaL8o6N2RQM0Ri0nBdbGc2QMdNzZU85JPXPZNAUr2C9BJUe0GR+k6BVclCLrNFswiDpJ21joNMSoSV4WuN8dF5TwIgqfsQDkKklzgeril4ZfwhvKiUwrI/Z1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S5F41WSHzCATAWBZl/xM7lrGyq/XeH1P31zMh2fxr/g=; b=gqm5UuuJcqTFu+wiaVy3MxzDnd32sggllXLk+WzC4IOzKxuZLxyI3sDxYcWcXc/r1rtpIfAPsLLbdliVkNwbsIx6Z9SRmNzhKaOXaULiJh3zhfJ5+LjvwApCjyxW0XiMq6w9sFXYFiJ6ASnUxFv83vpoAYHzIjfR1wr94YvBd/fj3i9ZmVabI3BALZIK84tD2s5/z8PCqJG30FEreDotpkrOt5l6tr8e37HvnaaPZsWNNOQ2tP95DRiYpe8EKqoebLvc7mGrEOLiXvWSh7uHaeoRacaKx4p9TOGFSNx1bKFw7Mqp0CSy1/kohcDYlJurI5ZIL6kt8PQmdYGE0H8SKQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:07:13 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:07:13 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 5/6] powerpc/eeh: fix potential OoB Date: Thu, 8 May 2025 15:06:11 +0200 Message-Id: <20250508130612.82270-6-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: ZR2P278CA0010.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:50::14) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: d942e158-cec1-4556-2a75-08dd8e313ff9 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?i+eBpRJ4YrvktpJ9eyQCVL0/0ZXYHo9S0CCnHdGRwhwxDOH63nevPs8DGY3f?= =?us-ascii?Q?ExITHd7rolVi5x/Ile2sHulaelP7lkOLcZr+XJcHQn+wSiO8cWBJnAnbQCWt?= =?us-ascii?Q?UvKBCtKUhWuy+eL0csGYoiSWIMbIUpK05hyY3zB5NZMUHd0BGaf00HDyIr4z?= =?us-ascii?Q?qT2jpTHIBAD2MMArbCI4jIWq3WKoUUg++iAuQjo5omKw3DGZ//OppweYpGNS?= =?us-ascii?Q?v4qrUqwJgB2IKx/d3o6CBwhonufpxZ/+wqgH8GYpTezuANEn3OkmQwA6kJ/E?= =?us-ascii?Q?Ceoh/BFcqKdko3/2Q9eKqs+dKqjC/tXfjO4R5vnqbwtdSxUBQEuqCRuqK+M5?= =?us-ascii?Q?xNhBVjucn3sWY+ZSsW9Wh4NWva5m5PWodsJixf63L1vGooWCFPf9OLu6T42z?= =?us-ascii?Q?IO+Q9VtqwPFt6gv+m8sllWB3C91q5GdGxNCqojGUMD0PqEK3DImUKQSmWIp9?= =?us-ascii?Q?vQIdYx7yQ5T+6Z4RuIViQgdFNmSV8rHgoxatNLpwvRaYL9L3xh2VoXv4qPWG?= =?us-ascii?Q?E6RCxJ4jIsuY/YcxUGJSfBvUOwe1z8VCZ2fZXKK/d7NmgNE1UQtrj14Y0h9o?= =?us-ascii?Q?5ZkCLjy7HpeBTfxQYWK7lU9f/OARl88yIM3/AL2s1lYksViu1bR0yaZ9rHEZ?= =?us-ascii?Q?7QkW5X3peuYIrksU/CdymIdgXmjEQgaLu8iIzs8fTKsMgcC8kC0cd3DOVekZ?= =?us-ascii?Q?u3cvxY8KtHxmJAfVzAOs1RnW1jWOfDfR/iPkkPZCoUM3owjKm20sEczohtcz?= =?us-ascii?Q?XW7PnH1okyTzClD1iTaP1pKXUcjjiM1bYtV/GhT2ynzOFqM0Dv2NhqKLijrw?= =?us-ascii?Q?N4QhlQQoh4HWP6OmhuBmQlvIbrI5MOIWx3vjFCR6WqwvMA/Q9/TvR5neKjjE?= =?us-ascii?Q?/9jsjMDVZ9151+K4H/+XlAmTHUVDvhF60Y3jqLAsh1fytGjdZNaZd6Iyepc0?= =?us-ascii?Q?EA+YL7t79GSiLUusgnw6rFX/k31yWCTMyN+gCqLglEcDCSQB0KXebzrWm9iX?= =?us-ascii?Q?bX+FK9XPT2gUNu96j9St9SnfaQW/ZiyB51BxvwbB04FC0HgbNZqeLeP0xwCh?= =?us-ascii?Q?qDqekvJVBenz5SNLxAggiPKIrdQJxFRROKpQjY3V5O/aw0aFr5wrrjP1DzW5?= =?us-ascii?Q?KA4qfy5pphzsDnxLYkSjr7NJIhT5iYgklYDup+oNvIRfpeKrpWjmLG6qMpYU?= =?us-ascii?Q?xTHUlBmC5XhIFO6zq7UUtWmgp0s+lNWb0jhrQfL5ZtUIR61abbCLrI/ACQ/m?= =?us-ascii?Q?pB7xn6eQHyXInV3gUDv4h/jZPguqegzb1GjDoMycOueBaHlNW+TL0+d0c2fh?= =?us-ascii?Q?qdSnZVh7SE6wFh+usDW5AgzNkshKqUoPxun/nPSodbF88hCaxBHoJl2r1OBC?= =?us-ascii?Q?IbsFb7BJzUtw4rri+PKrpocgK96NMpWBCsXWjjL6A8QzA75SeUHxo4i3xJjG?= =?us-ascii?Q?PkyK07mmsmuuyMgWpK6zbihLLQqcN4pWH/l/382weYqrRMu23v85Fw=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?1Zh0dIsPa9pR0Tj453r9azWrgpcqbHNs9wfiFjiJ/EOIu+LpBhz+QAOiaCBB?= =?us-ascii?Q?SMWvvrE4bSWDth9ktcOpgP0A3YuEq7c17Vp3uha3oQTB6Z9YGDZKXje4NhhF?= =?us-ascii?Q?EZMWgK9dQFbv+JPNldivCC88O0X3KLT420SY+Mjj7bBobh71/0oPFYg7x6xy?= =?us-ascii?Q?ha3En2vuibwLp0kP1MMGmL+jXZg29tW4+dsC3Hf5zn2FsRfoObt8uBhvi1Yk?= =?us-ascii?Q?gnqkEaBIupVqBGW+Wd+mmm6B1/S7KozPeRKVu3Yr6vzxndIdbRBrDvofZiJZ?= =?us-ascii?Q?9HG/Gr0YA7Cno9uAxAMrm5N0fepwCDLu6vG/h4Q7IrOTD0BZV+NiZ/CAV0GH?= =?us-ascii?Q?gvehKRJRLewflnAa8U9Dtq4GFrVFOjvZnA7x2Bfbe6ILjG/Xb9Khxu3pk1EC?= =?us-ascii?Q?uBXzYdD5P5FvO1PA/O6nehDwTI9o7HU8p5633CHqkKG8XQEikjYEsviL3CqC?= =?us-ascii?Q?Lc7MNUBXAETjlqYTg4APUfPpp1FRCCn62T4VM0SqZSbt1X/NX8GC/M1WvFPa?= =?us-ascii?Q?wYk6UDHiFEdCSeshMktJuV3lsN3j4aEJ0p+hGa1wRWBYSjz2jQIAMoGIuOSl?= =?us-ascii?Q?jCS6Ywv8+KCb5U62SV0NVlaGKJkiYmT7SKozmj4IrDj57f/IY15rUHu2L5t9?= =?us-ascii?Q?2AmMTfRiTxPk0yr1qdH9AQnXSQG6VcwY2OQKE0xeq+q32cUE2aakKPh7c8dp?= =?us-ascii?Q?HbA8pmDbZCYHqbSP/ciZ8hu4TkMlmIWOXx2lqNKZ6KXAlV9+Z8ix/RQtCPrL?= =?us-ascii?Q?it0Q1FxszdQ9ND4Ehob0Y4ejeUcCDh6mMweoS9tHELhuy4q9NsM5jVT3eeDh?= =?us-ascii?Q?DIxt3fwBdXXhxuXlv8yAOpaDI/zPY7F8xzRU7g/hMo9bYTyPNoMWLI8xySPc?= =?us-ascii?Q?CBAqq6XiGLIZCxbtz17AgcYtvA0qZdtq2mbrYuHjXKR76pgkFPsSHSp2Ylog?= =?us-ascii?Q?bGH7VoNsOMNMB5FmEQIekguVxkt92I4v8zpWsu+i9LIf/H8efl37Knq4Ub+f?= =?us-ascii?Q?Ey5obw+OT85TIKcFrEzO2B1m+DfTYhTpRkHcNFsla3jCzm7BYNUha1J0xrU/?= =?us-ascii?Q?1uzqFkpCj3F7HRNkdR1bNgaQoMx46NAlY9euRbxLd5nrSlZePhZJWjaTRiHZ?= =?us-ascii?Q?ow65vtx04fq6S0xybYDmGP3eu8JcTLKvfgUd6slj8O6O29k3OPTctlshwkhe?= =?us-ascii?Q?UMn11y7Y7CZ2ezdjU4XkwyTnVrNxAivZ3GBz7EyM9ZCHBe7VGZkOkM1rJFZG?= =?us-ascii?Q?TjLt+6mLQo9k3q6BFK6LFTVChamVXB0NsZG4ZWk8xC04htCArgWloUk48IgH?= =?us-ascii?Q?nEnN8FFNojWXOY8QVu8L2tt26jbiDZoMiZtKpnA4XjF5ZsNPRtgfm+/H4OWl?= =?us-ascii?Q?Zze45GGNhzrREfsmXIzHstoe7O/2IJeKyOUiFZJOBoNH13FbfT2aiHCsnLGN?= =?us-ascii?Q?3CGVvu/wrSCvgdQZWTXJFjbSXJoHgmC2P9XjMD5m5ne9fjoP/8lMY2rWNdsO?= =?us-ascii?Q?+L8UwuVJoVcOg/Tsy9rymWxIKmMuwe8t7Faq6Wziyq4Jbe30yRn7K+7+vzzb?= =?us-ascii?Q?puKxSztzbZj2CTdiugyvmbeg/ynB+Rp606zzjnjK?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: d942e158-cec1-4556-2a75-08dd8e313ff9 X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:07:13.5203 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: mYWMiu/vtGaata4SJ4J329tM5Xfa2SiQtyEFic/70daJaBYEUEEPWN89IWq2arUnXqicBKozvVl0TZNiWxFOow== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". To protect from OoB access, check that the input size fit into buffer and add a zero terminator after copy to the end of the copied data. Signed-off-by: Markus Burri Acked-by: Mahesh Salgaonkar --- arch/powerpc/kernel/eeh.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/kernel/eeh.c b/arch/powerpc/kernel/eeh.c index 83fe99861eb1..92ef05d3678d 100644 --- a/arch/powerpc/kernel/eeh.c +++ b/arch/powerpc/kernel/eeh.c @@ -1734,10 +1734,15 @@ static ssize_t eeh_force_recover_write(struct file = *filp, char buf[20]; int ret; =20 - ret =3D simple_write_to_buffer(buf, sizeof(buf), ppos, user_buf, count); + if (count >=3D sizeof(buf)) + return -EINVAL; + + ret =3D simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, user_buf, coun= t); if (!ret) return -EFAULT; =20 + buf[ret] =3D '\0'; + /* * When PE is NULL the event is a "special" event. Rather than * recovering a specific PE it forces the EEH core to scan for failed --=20 2.39.5 From nobody Tue Dec 16 07:29:47 2025 Received: from AM0PR83CU005.outbound.protection.outlook.com (mail-westeuropeazon11010040.outbound.protection.outlook.com [52.101.69.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9FBBF22A4C2; Thu, 8 May 2025 13:07:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.69.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709649; cv=fail; b=nghQgET1UnRWO2J3GRoY9avDpAgQvLdAG6H9nZ13lziWinKu2DTq/qdB7XZ7D1ajca/D/iPMHEYImQuYkmnVYXq+80766VNglhFWMM8UWUBelnPOYib1+P0+K/vQ6MJOO8NJ6F7jh2KagtlaH08C/2xVSK0bLhN8PrmD5ekVzus= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746709649; c=relaxed/simple; bh=k3qmuFbx3gvQ7U5zcCnqGrIgIz+CGXRezJ7gP45djbs=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=YzF3EkkrsQ0FoYAcXGwLG5rhlsP14PTyJxtOJlOCg8I3RVHJiQQTjrDcRyyk77OQ/JKT/QvDxdUlk5y+Lfg9j26ekNWzlMazWER0aGKyWQWspoarDvj6kG24hnZMu5+dd4KxJFVWSkxNJhRRSQFRr7ctKHhEP0AcRfiwp/4LbcU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com; spf=fail smtp.mailfrom=mt.com; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b=Q7iqUnl/; arc=fail smtp.client-ip=52.101.69.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=mt.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=mt.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=mt.com header.i=@mt.com header.b="Q7iqUnl/" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=S7Wti1pL/KCYa5CsEtMV+npD87s/lz/qSX/xvz9lKkfP+rHFEDXV3qN/rdsb1nUIw0wozxl9Tgo7XljZT6i6JckjRMeFsGaeRPYgw0f9g8lTRLn7dUZHHG8UFIJ91LZRYxPOeNtLeZSxzTjynyQfBqnCLPKfnvRVtaW+QWfboINEP4pRHoKTRvqW43xkiX6g5NtdeKumwGoeRysa6LZ+xTMPdOw6/xpzFi2euL0jNitN2C0xtDY+HHi7DuS5SG+j5X6BWlL3djP7JpBH6QOqd419a27yW5h+feHSSiNbkTne4NhUt+QygJHYG1UagFv5D87z6OnJ2e1fQo9rP0yeYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kIGtlYx8sUULB40EzptwYcsfYMEHKtMC/ayoi+9SbU4=; b=tKE1wpkxxUZxgO+Dumil5x+2aLqG7Ugb6RTSsViU50gCIO/Y445NZSKyqgExr0JTdBj0rPXyBTvANlFbgKr+XuxE1/gHZixdFKq4wFXy6WnR9jYz/PzDEDS7NbPnBR+QNQN1FApGHmnqLcE8yLRELnzK1LlZNz6cZJSHnDFXKsMnp6Gr2fP9pcjfc8j3Q48E1OD2daXSWfHnPS91gDGShvsmo156v+cVAvmjoDENA8AQRi6U+vFgqxjerzpRWg+ZQqI7RcKeR6zJlaBvHw85oXnhV/3kZ0gwyc1R135ViW9XwYrDJr+9mrwDThJcUkuddUgfWf3z3kcscYbburkcdQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mt.com; dmarc=pass action=none header.from=mt.com; dkim=pass header.d=mt.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mt.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kIGtlYx8sUULB40EzptwYcsfYMEHKtMC/ayoi+9SbU4=; b=Q7iqUnl/x2EGI+BT/BQDSek6bR+/DuUfnqLEGbMAIYhN4Dgs25FX/m26kAXY94xwwMhzaa7sJ9+e5MQ+a/TMEE+iMGhyymOLPJk3St00fTRqCuRd1Y/YLpGU6FgYbvNDVI16cNf5qyX+gwdfHTpbDQh070gLrhjZWbU0vGlvGJuTFgBMgVWxNK+szLjbM71JvnlLkTVSUe/lxjJ/WKz3L0mmlZWBKhSFOgK0Jps7NTnnZqohaQ3bqe6BJ+0tLRPH/88Y4tGLsaSOsX3yk2PnSAxht2UTFUFn97mvoMjURHS9TdGqgmJSYkVaYaAaTNveI8TXFKpU44KKx316hn7Opg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mt.com; Received: from DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Thu, 8 May 2025 13:07:25 +0000 Received: from DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b]) by DB6PR03MB3062.eurprd03.prod.outlook.com ([fe80::b201:e423:f29:53b%4]) with mapi id 15.20.8678.033; Thu, 8 May 2025 13:07:25 +0000 From: Markus Burri To: linux-kernel@vger.kernel.org Cc: Markus Burri , Mahesh J Salgaonkar , "Oliver O'Halloran" , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Jacek Lawrynowicz , Maciej Falkowski , Oded Gabbay , Linus Walleij , Bartosz Golaszewski , Nuno Sa , Olivier Moysan , Jonathan Cameron , Lars-Peter Clausen , linuxppc-dev@lists.ozlabs.org, dri-devel@lists.freedesktop.org, linux-gpio@vger.kernel.org, linux-iio@vger.kernel.org, Markus Burri Subject: [PATCH v4 6/6] powerpc/eeh-powernv: fix potential OoB Date: Thu, 8 May 2025 15:06:12 +0200 Message-Id: <20250508130612.82270-7-markus.burri@mt.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250508130612.82270-1-markus.burri@mt.com> References: <20250508130612.82270-1-markus.burri@mt.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: ZR0P278CA0016.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:16::26) To DB6PR03MB3062.eurprd03.prod.outlook.com (2603:10a6:6:36::19) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB6PR03MB3062:EE_|DBAPR03MB6439:EE_ X-MS-Office365-Filtering-Correlation-Id: 4592d554-f108-446f-0e9d-08dd8e3146ca X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|7416014|376014|52116014|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?7SZaQ8TkhOK4bFFwSqb/uODb5nWsuV9f/qHWg9cmBgUasYN+JQZKVhetcsEX?= =?us-ascii?Q?OgPCvFQqRgMVby2JltO01Rtt4czWsDWOXLhyayVpcIAHaXWZ9C5+fXf6HLsf?= =?us-ascii?Q?c+WY2BvewlYYvnGrmGFuhcDG7aw7Ic+ZAfjSxLNS6c6TotSD2+kQljcum8MF?= =?us-ascii?Q?0V+xl8gYsdjgm0V3cjLDbNOpAcJJQXhWCpmX0rBRYSk228w+7OJcgwEIWCEB?= =?us-ascii?Q?Be43PrKyE5/9a+w+y8NiHqbyB78aoFyTtWfXzroFensfVstB4ykL0ZCD+yjk?= =?us-ascii?Q?Cy0l0B44WuBptcVxpd4ccsHfafm+8bv/ADMJDmEO+xDXKvRFe+gTlv/fxyNg?= =?us-ascii?Q?kyU1JD4ceBCUa25cx3P5vMcLKyQZKhgx0lG/lwCFMvW/jvhhq5AcMnh/9dMr?= =?us-ascii?Q?VAD77Fu9IUEe6SFezp7VOaBjnq2MREytUtyFb1Jf2dHnAPea+mY4Gf6MJ+jh?= =?us-ascii?Q?gkjp0xniG7+itoQ3QuC8K0qaWl4d+ih/6NvtsYP2pJUeAwLtikHDEfV3Fg7T?= =?us-ascii?Q?T1rhWdi5COgM22qKBfyefLtus426jgZ5LJ0/hTrnyo8P+7OU1Z7zdPrfw/kU?= =?us-ascii?Q?o99LTx4uz+svIvdoTPFrjUtMbTfyHZfkLPXQh9cO/yeeH4looFqBhKkl4fBF?= =?us-ascii?Q?2nCrnxeBYFdt56PQop/2hf1oVuKs5LIbkMPTPUc9ZnG9qDVUz0u9VbU7ROsa?= =?us-ascii?Q?bJ3lAtwIODhtar+R3a9QH3yYWVNWYK9itJWW0Z+KiOcR9cdKc2EGx60eSOUH?= =?us-ascii?Q?cwTR+uajChs/yX9V5iTieLElZLXjc8D2/EjnMtohRZ2x4boPWFlcs5frHExO?= =?us-ascii?Q?js0jOtCGupwUxqrwYmxhKyVxCu5n5Us96bC7JVnWjRTZm2c9y1+ACFF8rX8X?= =?us-ascii?Q?6EIxEwxwN3TdrUgBJoirE+/An08bo0i3snTGVKuSXshA71+F95/CdJGVDxMd?= =?us-ascii?Q?fFRZQ69zz7cD+lgZ6f8K4M6Msyusa5JF032y14Rv39jsEASeBHCpz7iYoWQP?= =?us-ascii?Q?/Y2dgBTOwEBczkClj2Wovc0rBnzazJSkRKw2Q4OlpTKp5mjy0lAz6GsnkXiq?= =?us-ascii?Q?MGbOkCgoJViz1ko3GcEgDGOrpI2ivIK8h7GghEMaoEW6quhvuMUk7Bl7n0ug?= =?us-ascii?Q?sXAwPDhEHre5qasbousHwt30filCv1OqNlPCfiad9FoFyFnDjBajAicgJ5/7?= =?us-ascii?Q?ziUGnsJnGDd09l0Yjz66r7lzK+inDbxlwMrFMA8XmwdnjgzS/v7LdZvg2iJr?= =?us-ascii?Q?wEy3H4h6q9xys/pgNo7FeyxgJ19FQ9s7tNdtngYF3kUSO4Zb65gBfMWV433e?= =?us-ascii?Q?S9aUTu2c24VCDjPTz/J9HLZCnHhXmXxqtwtKApLS1TL7Cd8pe1dd9zm+JoGb?= =?us-ascii?Q?H8bPvBxQEcLP5pCmrIMFm7+BMVkQ67jCnQ6XkXGnJ0WgCVWe64D/9NWGcWkg?= =?us-ascii?Q?9JlAFZcLQnQ3yCQVSiMn/a8i00jC9iM6rT34zbVP518+hferqzO9PA=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB6PR03MB3062.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(7416014)(376014)(52116014)(1800799024)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?B7lOeTXHGVdKAynQp6Km1nH3pzWBBVYMY4/UdgbSD3N7OyeH01V/wx+OqCps?= =?us-ascii?Q?9m7+/H9ItpVv9eVsXT/y9TrmlRDXtzwLDLvND0ncU8dN+yHyWHdoMD4fjwuJ?= =?us-ascii?Q?V+7bhPStzAROVxp6+B4z0eHnPIyl2bbJgb7F3REeUKIY8u349XdUxgKQrS7x?= =?us-ascii?Q?WnKcYdH7xcKvL4/iYjQ4DA/8uGT+a7ltgIY3JfaVuQDqqLcLNkkk4fTeS8Hh?= =?us-ascii?Q?cuMvmxUvcdHmi32aSjO/vNLub7EBCnUalM1nv8WA3atQSe0OgXPmzFg+//YP?= =?us-ascii?Q?Z3TtvpcRVHqS2giK8AtuNor/A+q+UE3fJiP62+YF7cZlkuq/N2u0OQ7GxcVH?= =?us-ascii?Q?kyczPdXlXG8JTDRsTkF/3cQqQn/ShxxwLEMqtA7F4HJemYP0SLSdGEjNUZyR?= =?us-ascii?Q?SE7tNt/dS82Oi/mgbd0gcWX4zef5/te7PCIwQ2Qeu3WfxOBcmR0gJQVhDFqM?= =?us-ascii?Q?CGoD49gxDhRVjVdUiXenQdvvFAfhvBMl1Jqf+tNuRIcUE0ZEH633ug9IygQR?= =?us-ascii?Q?UXrvofNd7vi+QqxytUMFINZgw2BeVl8CDuJ2TITcEVe7W4KTLKtjqlwz+dAb?= =?us-ascii?Q?oTBabSrAekAJ0O+YIaXaSauWaXvDw1kB8HQrxRJ5rkSIejYmPT4pLjM7XXN1?= =?us-ascii?Q?dXLJmNN8MHXds3tylkQELJg/4pblGMi2BvTp9fKc5IZDuIeS8l5NJCSuY6JA?= =?us-ascii?Q?zHjF0zQjDBof56/LtSPYAiDkf2R5OHS855tlNsiYCQOnb4Fappedhk+l5NPG?= =?us-ascii?Q?zsW2EyFb2R8VqP/vxgoV2JCd+cyZSfi/lhxmGzSxRweIUfQ7baKuORlC5Rn2?= =?us-ascii?Q?AahsSm5OD2Nx2oDFBytlmBHDyhUxwoN0y6mmwGbNh6pr6qwH5UsGf7vU+5n3?= =?us-ascii?Q?u5Ok81g/xK/gjazAXOUix+QJ2KmRE10YocPDqUhYEEZlQeMHsEInze6QAuaO?= =?us-ascii?Q?o8nNkoneWrhIgsQ4xbf9AcFoUsf4vY2s5pgX/Ixur1iGI10bkqB18sBRV4Ql?= =?us-ascii?Q?z9rfVZb+9DzbW8PFYmctJjpKdhRtas9IJzPpYcIxm5SrNmnkgA3OpbNwklIw?= =?us-ascii?Q?yDZq06vdBzRQctoBSU78Hbh6Pqj/8GCQjIP7LvdmiOP69IjsbHZjEqT6mXfI?= =?us-ascii?Q?DDK85EqTDG1jiGjlw+Yj1xV5zCmmAh6l0Zd8HC7n12M2Kz09XscSNKUdpCTw?= =?us-ascii?Q?GpNIY8mhvNm7XveJh2Trd4cbpxcoHrouyyLeugK+gpgqs2UIKncbZbIvhCTK?= =?us-ascii?Q?g4jvnP9SBi2RA7ltsj/35d9zQK6SLPwa2UYMBlgmStlSwyedPiVysp8/Wx7m?= =?us-ascii?Q?MhacyK3+xDFTu5K/wSUb1ULmtkPrg1R4VVBb/j/3t8m890DvbcWRR6fl5511?= =?us-ascii?Q?hYGcm8QHJ++1dpYw/mLaqD8TgiqwE6yTOXX5BVfzDKnoozVW2iYgqTLSweza?= =?us-ascii?Q?iCfG8/8nqvG8ULueC23wEdCTyDYK4O1B6OY8z5WniQKDD/t0mF3A/F5VdIsq?= =?us-ascii?Q?k+nyGA2LyzGwY9VKuCk0vbSKqu3ZAgUakpQd1lWbz5d8PFOO2qhXyaL7QTri?= =?us-ascii?Q?s1ZLKoK6b5jcKKns4dcgHQjN0pbdX+M4j/xVNxF+?= X-OriginatorOrg: mt.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4592d554-f108-446f-0e9d-08dd8e3146ca X-MS-Exchange-CrossTenant-AuthSource: DB6PR03MB3062.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 13:07:24.9767 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fb4c0aee-6cd2-482f-a1a5-717e7c02496b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: WFlEBF3VXZ0KRjyKSd9RbjhGlkA4537GiJQR0F3r4dMKQOPqpKZwkncxN4EeT6TiNIjmmP1362DXzZ0aLelxag== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439 Content-Type: text/plain; charset="utf-8" The buffer is set to 50 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". To protect from OoB access, check that the input size fit into buffer and add a zero terminator after copy to the end of the copied data. Signed-off-by: Markus Burri Acked-by: Mahesh Salgaonkar --- arch/powerpc/platforms/powernv/eeh-powernv.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/platforms/powernv/eeh-powernv.c b/arch/powerpc/pl= atforms/powernv/eeh-powernv.c index db3370d1673c..3abee21fdd05 100644 --- a/arch/powerpc/platforms/powernv/eeh-powernv.c +++ b/arch/powerpc/platforms/powernv/eeh-powernv.c @@ -73,14 +73,19 @@ static ssize_t pnv_eeh_ei_write(struct file *filp, char buf[50]; int ret; =20 + if (count >=3D sizeof(buf)) + return -EINVAL; + if (!eeh_ops || !eeh_ops->err_inject) return -ENXIO; =20 /* Copy over argument buffer */ - ret =3D simple_write_to_buffer(buf, sizeof(buf), ppos, user_buf, count); + ret =3D simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, user_buf, coun= t); if (!ret) return -EFAULT; =20 + buf[ret] =3D '\0'; + /* Retrieve parameters */ ret =3D sscanf(buf, "%x:%x:%x:%lx:%lx", &pe_no, &type, &func, &addr, &mask); --=20 2.39.5