rtc: remove VLA usage
In preparation to enabling -Wvla, remove VLA and replace it with a fixed-length array instead. >From a security viewpoint, the use of Variable Length Arrays can be a vector for stack overflow attacks. Also, in general, as the code evolves it is easy to lose track of how big a VLA can get. Thus, we can end up having segfaults that are hard to debug. Also, fixed as part of the directive to remove all VLAs from the kernel: https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
This commit is contained in:
parent
83bbc5ac63
commit
fed9b18611
@ -36,6 +36,10 @@
|
||||
#define BQ32K_CFG2 0x09 /* Trickle charger control */
|
||||
#define BQ32K_TCFE BIT(6) /* Trickle charge FET bypass */
|
||||
|
||||
#define MAX_LEN 10 /* Maximum number of consecutive
|
||||
* register for this particular RTC.
|
||||
*/
|
||||
|
||||
struct bq32k_regs {
|
||||
uint8_t seconds;
|
||||
uint8_t minutes;
|
||||
@ -74,7 +78,7 @@ static int bq32k_read(struct device *dev, void *data, uint8_t off, uint8_t len)
|
||||
static int bq32k_write(struct device *dev, void *data, uint8_t off, uint8_t len)
|
||||
{
|
||||
struct i2c_client *client = to_i2c_client(dev);
|
||||
uint8_t buffer[len + 1];
|
||||
uint8_t buffer[MAX_LEN + 1];
|
||||
|
||||
buffer[0] = off;
|
||||
memcpy(&buffer[1], data, len);
|
||||
|
@ -82,7 +82,7 @@ static int mcp795_rtcc_write(struct device *dev, u8 addr, u8 *data, u8 count)
|
||||
{
|
||||
struct spi_device *spi = to_spi_device(dev);
|
||||
int ret;
|
||||
u8 tx[2 + count];
|
||||
u8 tx[257];
|
||||
|
||||
tx[0] = MCP795_WRITE;
|
||||
tx[1] = addr;
|
||||
|
Loading…
Reference in New Issue
Block a user