From: Marek Vasut Date: Fri, 26 Aug 2022 21:15:56 +0000 (+0200) Subject: i2c: fix stack buffer overflow vulnerability in i2c md command X-Git-Url: http://git.dujemihanovic.xyz/?a=commitdiff_plain;h=e4573fef7701afc2df22924ce0a445b923475afc;p=u-boot.git i2c: fix stack buffer overflow vulnerability in i2c md command This reinstates fix from commit 8f8c04bf1ebb ("i2c: fix stack buffer overflow vulnerability in i2c md command") without the changes unrelated to the actual fix. Avoid the underflow by setting only nbytes and linebytes as unsigned integers. Signed-off-by: Marek Vasut Cc: Heiko Schocher Cc: Nicolas Iooss Cc: Simon Glass Cc: Tim Harvey Acked-by: Tim Harvey --- diff --git a/cmd/i2c.c b/cmd/i2c.c index 9050b2b8d2..e196a73efa 100644 --- a/cmd/i2c.c +++ b/cmd/i2c.c @@ -470,7 +470,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc, uint chip; uint addr, length; int alen; - int j, nbytes, linebytes; + int j; + uint nbytes, linebytes; int ret; #if CONFIG_IS_ENABLED(DM_I2C) struct udevice *dev;