Re: [PATCH] remoteproc: Fix count check in rproc_coredump_write()
From: Bjorn Andersson
Date: Wed Jan 19 2022 - 19:23:58 EST
On Wed 19 Jan 15:21 PST 2022, Alistair Delva wrote:
> Check count for 0, to avoid a potential underflow. Make the check the
> same as the one in rproc_recovery_write().
>
> Fixes: 3afdc59e4390 ("remoteproc: Add coredump debugfs entry")
> Signed-off-by: Alistair Delva <adelva@xxxxxxxxxx>
> Cc: Rishabh Bhatnagar <rishabhb@xxxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: Ohad Ben-Cohen <ohad@xxxxxxxxxx>
> Cc: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>
> Cc: Mathieu Poirier <mathieu.poirier@xxxxxxxxxx>
> Cc: Sibi Sankar <sibis@xxxxxxxxxxxxxx>
> Cc: linux-remoteproc@xxxxxxxxxxxxxxx
> Cc: kernel-team@xxxxxxxxxxx
Reviewed-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>
Regards,
Bjorn
> ---
> drivers/remoteproc/remoteproc_debugfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/remoteproc/remoteproc_debugfs.c b/drivers/remoteproc/remoteproc_debugfs.c
> index b5a1e3b697d9..581930483ef8 100644
> --- a/drivers/remoteproc/remoteproc_debugfs.c
> +++ b/drivers/remoteproc/remoteproc_debugfs.c
> @@ -76,7 +76,7 @@ static ssize_t rproc_coredump_write(struct file *filp,
> int ret, err = 0;
> char buf[20];
>
> - if (count > sizeof(buf))
> + if (count < 1 || count > sizeof(buf))
> return -EINVAL;
>
> ret = copy_from_user(buf, user_buf, count);
> --
> 2.30.2
>