Re: [PATCH] i2c: busses: Fix out-of-bounds bug in mchp_corei2c_smbus_xfer

From: Wolfram Sang
Date: Sat Jun 28 2025 - 16:10:05 EST

Next message: Srinivas Kandagatla: "Re: [PATCH 3/3] ASoC: codecs: add new pm4125 audio codec driver"
Previous message: Sukrut Bellary: "Re: [PATCH v4 2/5] iio: adc: ti-adc128s052: Use shift and realbits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Jun 15, 2025 at 07:49:19PM -0400, Alex Guo wrote:
> The data->block[0] variable comes from user. Without proper check,
> the variable may be very large to cause an out-of-bounds bug.

Okay, okay, instead of adding these limits to all these drivers, let me
start adding SMBus3 support to the kernel which allows for bigger block
sizes. I probably won't have time to export this to user space yet, but
let's at least make sure the kernel, and thus the drivers, won't suffer
from buffer overflows anymore.

Next message: Srinivas Kandagatla: "Re: [PATCH 3/3] ASoC: codecs: add new pm4125 audio codec driver"
Previous message: Sukrut Bellary: "Re: [PATCH v4 2/5] iio: adc: ti-adc128s052: Use shift and realbits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]