misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case")
added NO_BAR (-1) to the pci_barno enum which, in practical terms,
changes the enum from an unsigned int to a signed int. If the user
passes a negative number in pci_endpoint_test_ioctl() then it results in
an array underflow in pci_endpoint_test_bar().

Fixes: eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Manivannan Sadhasivam <mani@kernel.org>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Link: https://patch.msgid.link/aIzzZ4vc6ZrmM9rI@suswa

authored by

Dan Carpenter and committed by

Bjorn Helgaas 8 months ago 1ad82f9d 57a75fa9

+1 -1

1 changed file

expand all

drivers

misc

pci_endpoint_test.c

+1 -1

drivers/misc/pci_endpoint_test.c

··· 937 937 switch (cmd) { 938 938 case PCITEST_BAR: 939 939 bar = arg; 940 - if (bar > BAR_5) 940 + if (bar <= NO_BAR || bar > BAR_5) 941 941 goto ret; 942 942 if (is_am654_pci_dev(pdev) && bar == BAR_0) 943 943 goto ret;