[PATCH 03/10] cros_ec: Add run-time check for input buffer overflow

Simon Glass sjg at chromium.org
Sat Jan 16 22:52:24 CET 2021


This should not happen in normal operation, but the EC might have a bug,
so add a run-time check just in case.

Signed-off-by: Simon Glass <sjg at chromium.org>
---

 drivers/misc/cros_ec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/misc/cros_ec.c b/drivers/misc/cros_ec.c
index ce5fa5bee35..e51ac874098 100644
--- a/drivers/misc/cros_ec.c
+++ b/drivers/misc/cros_ec.c
@@ -404,6 +404,8 @@ static int ec_command(struct udevice *dev, uint cmd, int cmd_version,
 		 */
 		if (din && in_buffer) {
 			assert(len <= din_len);
+			if (len > din_len)
+				return -ENOSPC;
 			memmove(din, in_buffer, len);
 		}
 	}
-- 
2.30.0.284.gd98b1dd5eaa7-goog



More information about the U-Boot mailing list