mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-27 12:57:53 +00:00
pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
[ Upstream commit 3803584a4e
]
If the number of provided enum IDs in a variable width config register
description does not match the expected number, the checker uses the
expected number for validating the individual enum IDs.
However, this may cause out-of-bounds accesses on the array holding the
enum IDs, leading to bogus enum_id conflict warnings. Worse, if the bug
is an incorrect bit field description (e.g. accidentally using "12"
instead of "-12" for a reserved field), thousands of warnings may be
printed, overflowing the kernel log buffer.
Fix this by limiting the enum ID check to the number of provided enum
IDs.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Link: https://lore.kernel.org/r/c7385f44f2faebb8856bcbb4e908d846fc1531fb.1705930809.git.geert+renesas@glider.be
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
f917c66b11
commit
0b75d679e8
1 changed files with 3 additions and 1 deletions
|
@ -868,9 +868,11 @@ static void __init sh_pfc_check_cfg_reg(const char *drvname,
|
|||
sh_pfc_err("reg 0x%x: var_field_width declares %u instead of %u bits\n",
|
||||
cfg_reg->reg, rw, cfg_reg->reg_width);
|
||||
|
||||
if (n != cfg_reg->nr_enum_ids)
|
||||
if (n != cfg_reg->nr_enum_ids) {
|
||||
sh_pfc_err("reg 0x%x: enum_ids[] has %u instead of %u values\n",
|
||||
cfg_reg->reg, cfg_reg->nr_enum_ids, n);
|
||||
n = cfg_reg->nr_enum_ids;
|
||||
}
|
||||
|
||||
check_enum_ids:
|
||||
sh_pfc_check_reg_enums(drvname, cfg_reg->reg, cfg_reg->enum_ids, n);
|
||||
|
|
Loading…
Reference in a new issue