spi: mediatek: Prevent overflows in FIFO transfers - linux-rng

diff options

author	Nicolas Boichat <drinkcat@chromium.org>	2015-12-27 18:17:06 +0800
committer	Mark Brown <broonie@kernel.org>	2015-12-30 17:26:40 +0000
commit	de327e4966cdbad2b7053c84a6f591fbdc54f7cb (patch)
tree	4d84876c8a528509fa6c9fa412a401934f80f56d /tools/perf/util/scripting-engines/trace-event-python.c
parent	Linux 4.4-rc1 (diff)
download	linux-rng-de327e4966cdbad2b7053c84a6f591fbdc54f7cb.tar.xz linux-rng-de327e4966cdbad2b7053c84a6f591fbdc54f7cb.zip

spi: mediatek: Prevent overflows in FIFO transfers

In the case where transfer length is not a multiple of 4, KASAN reports 2 out-of-bounds memory accesses: - mtk_spi_interrupt: ioread32_rep writes past the end of trans->rx_buf. - mtk_spi_fifo_transfer: iowrite32_rep reads past the end of xfer->tx_buf. Fix this by using memcpy on the remainder of the bytes. Signed-off-by: Nicolas Boichat <drinkcat@chromium.org> Signed-off-by: Mark Brown <broonie@kernel.org>

Diffstat (limited to 'tools/perf/util/scripting-engines/trace-event-python.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: