mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 05:35:54 +00:00
50 lines
1.6 KiB
Diff
50 lines
1.6 KiB
Diff
From 167a094eac4383809dd703d96fb88c406dd8786b Mon Sep 17 00:00:00 2001
|
|
From: Xiaoyu Ye <benyxy@codeaurora.org>
|
|
Date: Tue, 20 Dec 2016 10:56:59 -0800
|
|
Subject: mfd: wcd9xxx: Add range checking in function wcd9xxx_init_slimslave
|
|
|
|
Range checking is added to prevent buffer overflow.
|
|
|
|
CRs-Fixed: 1098363
|
|
Change-Id: I5871a3a11ec5f5106a386bf149d7ec22605f3db8
|
|
Signed-off-by: Xiaoyu Ye <benyxy@codeaurora.org>
|
|
---
|
|
drivers/mfd/wcd9xxx-slimslave.c | 10 +++++++++-
|
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/drivers/mfd/wcd9xxx-slimslave.c b/drivers/mfd/wcd9xxx-slimslave.c
|
|
index 4bce440..1ac7b59 100644
|
|
--- a/drivers/mfd/wcd9xxx-slimslave.c
|
|
+++ b/drivers/mfd/wcd9xxx-slimslave.c
|
|
@@ -1,4 +1,4 @@
|
|
-/* Copyright (c) 2012-2016, The Linux Foundation. All rights reserved.
|
|
+/* Copyright (c) 2012-2017, The Linux Foundation. All rights reserved.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 and
|
|
@@ -62,6 +62,10 @@ int wcd9xxx_init_slimslave(struct wcd9xxx *wcd9xxx, u8 wcd9xxx_pgd_la,
|
|
goto err;
|
|
}
|
|
|
|
+ if (!rx_num || rx_num > wcd9xxx->num_rx_port) {
|
|
+ pr_err("%s: invalid rx num %d\n", __func__, rx_num);
|
|
+ return -EINVAL;
|
|
+ }
|
|
if (wcd9xxx->rx_chs) {
|
|
wcd9xxx->num_rx_port = rx_num;
|
|
for (i = 0; i < rx_num; i++) {
|
|
@@ -84,6 +88,10 @@ int wcd9xxx_init_slimslave(struct wcd9xxx *wcd9xxx, u8 wcd9xxx_pgd_la,
|
|
wcd9xxx->num_rx_port);
|
|
}
|
|
|
|
+ if (!tx_num || tx_num > wcd9xxx->num_tx_port) {
|
|
+ pr_err("%s: invalid tx num %d\n", __func__, tx_num);
|
|
+ return -EINVAL;
|
|
+ }
|
|
if (wcd9xxx->tx_chs) {
|
|
wcd9xxx->num_tx_port = tx_num;
|
|
for (i = 0; i < tx_num; i++) {
|
|
--
|
|
cgit v1.1
|
|
|