From e4573fef7701afc2df22924ce0a445b923475afc Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Fri, 26 Aug 2022 23:15:56 +0200 Subject: i2c: fix stack buffer overflow vulnerability in i2c md command This reinstates fix from commit 8f8c04bf1ebb ("i2c: fix stack buffer overflow vulnerability in i2c md command") without the changes unrelated to the actual fix. Avoid the underflow by setting only nbytes and linebytes as unsigned integers. Signed-off-by: Marek Vasut Cc: Heiko Schocher Cc: Nicolas Iooss Cc: Simon Glass Cc: Tim Harvey Acked-by: Tim Harvey --- cmd/i2c.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'cmd/i2c.c') diff --git a/cmd/i2c.c b/cmd/i2c.c index 9050b2b8d2..e196a73efa 100644 --- a/cmd/i2c.c +++ b/cmd/i2c.c @@ -470,7 +470,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc, uint chip; uint addr, length; int alen; - int j, nbytes, linebytes; + int j; + uint nbytes, linebytes; int ret; #if CONFIG_IS_ENABLED(DM_I2C) struct udevice *dev; -- cgit v1.2.3