mfd: rave-sp: Check received frame length before accepting next byte
Check received frame length _before_ accepting next byte in order to avoid incorrectly rejecting payloads that are RAVE_SP_RX_BUFFER_SIZE long. Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com> Tested-by: Lucas Stach <l.stach@pengutronix.de> Signed-off-by: Lee Jones <lee.jones@linaro.org>
This commit is contained in:
parent
44564bc3d9
commit
5112cab38c
@ -546,8 +546,6 @@ static int rave_sp_receive_buf(struct serdev_device *serdev,
|
||||
/* FALLTHROUGH */
|
||||
|
||||
case RAVE_SP_EXPECT_ESCAPED_DATA:
|
||||
deframer->data[deframer->length++] = byte;
|
||||
|
||||
if (deframer->length == sizeof(deframer->data)) {
|
||||
dev_warn(dev, "Bad frame: Too long\n");
|
||||
/*
|
||||
@ -562,6 +560,8 @@ static int rave_sp_receive_buf(struct serdev_device *serdev,
|
||||
goto reset_framer;
|
||||
}
|
||||
|
||||
deframer->data[deframer->length++] = byte;
|
||||
|
||||
/*
|
||||
* We've extracted out special byte, now we
|
||||
* can go back to regular data collecting
|
||||
|
Loading…
Reference in New Issue
Block a user