flash_otp_write: fix a buffer overflow on NAND with write size > 2048

Submitted by Uwe Kleine-König on Feb. 28, 2013, 9:42 a.m.

Details

Message ID 1362044546-559-1-git-send-email-u.kleine-koenig@pengutronix.de
State Accepted
Commit 1145ef7ee979dde2d611e09d00fc6ff0090dcc9d
Headers show

Commit Message

Uwe Kleine-König Feb. 28, 2013, 9:42 a.m.
I'm not aware of any chip having a write size bigger than 2048 today.
Still checking for that instead of a sleeping problem to bite us maybe
in a few years is easy.

Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
---
 flash_otp_write.c |    6 ++++++
 1 file changed, 6 insertions(+)

Patch hide | download patch | download mbox

diff --git a/flash_otp_write.c b/flash_otp_write.c
index 0aa872e..5114e6b 100644
--- a/flash_otp_write.c
+++ b/flash_otp_write.c
@@ -82,6 +82,12 @@  int main(int argc,char *argv[])
 	else
 		len = 256;
 
+	if (len > sizeof(buf)) {
+		printf("huh, writesize (%d) bigger than buffer (%zu)\n",
+				len, sizeof(buf));
+		return ENOMEM;
+	}
+
 	wrote = 0;
 	while ((size = xread(0, buf, len))) {
 		if (size < 0) {