Re: [PATCH v1 07/10] Input: atmel_mxt_ts - zero terminate config firmware file | linux-input

[PATCH v1 01/10] Input: atmel_mxt_ts - only use first T9 instance · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 02/10] Input: atmel_mxt_ts - use BIT() macro everywhere · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 03/10] Input: atmel_mxt_ts - remove duplicate setup of ABS_MT_PRESSURE · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 04/10] Input: atmel_mxt_ts - remove unnecessary debug on ENOMEM · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 05/10] Input: atmel_mxt_ts - config CRC may start at T71 · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 06/10] Input: atmel_mxt_ts - refactor config update code to add context struct · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 07/10] Input: atmel_mxt_ts - zero terminate config firmware file · Nick Dyer <nick@shmanahar.org> · 2018-07-20
Re: [PATCH v1 07/10] Input: atmel_mxt_ts - zero terminate config firmware file · Dmitry Torokhov <dmitry.torokhov@gmail.com> · 2018-07-23
Re: [PATCH v1 07/10] Input: atmel_mxt_ts - zero terminate config firmware file · Nick Dyer <nick@shmanahar.org> · 2018-07-24
[PATCH v1 08/10] Input: atmel_mxt_ts - don't report zero pressure from T9 · Nick Dyer <nick@shmanahar.org> · 2018-07-20
[PATCH v1 09/10] Input: atmel_mxt_ts - tool type is ignored when slot is closed · Nick Dyer <nick@shmanahar.org> · 2018-07-20
Re: [PATCH v1 09/10] Input: atmel_mxt_ts - tool type is ignored when slot is closed · Dmitry Torokhov <dmitry.torokhov@gmail.com> · 2018-07-23
Re: [PATCH v1 09/10] Input: atmel_mxt_ts - tool type is ignored when slot is closed · Benjamin Tissoires <hidden> · 2018-07-24
Re: [PATCH v1 09/10] Input: atmel_mxt_ts - tool type is ignored when slot is closed · Peter Hutterer <hidden> · 2018-07-25
Re: [PATCH v1 09/10] Input: atmel_mxt_ts - tool type is ignored when slot is closed · Dmitry Torokhov <dmitry.torokhov@gmail.com> · 2018-07-25
[PATCH v1 10/10] Input: atmel_mxt_ts - move completion to after config crc is updated · Nick Dyer <nick@shmanahar.org> · 2018-07-20
Re: [PATCH v1 01/10] Input: atmel_mxt_ts - only use first T9 instance · Dmitry Torokhov <dmitry.torokhov@gmail.com> · 2018-07-27

Re: [PATCH v1 07/10] Input: atmel_mxt_ts - zero terminate config firmware file

From: Nick Dyer <nick@shmanahar.org>
Date: 2018-07-24 20:44:04
Also in: lkml

On Mon, Jul 23, 2018 at 03:35:34PM -0700, Dmitry Torokhov wrote:

On Fri, Jul 20, 2018 at 10:51:19PM +0100, Nick Dyer wrote:

quoted

From: Nick Dyer <redacted>

We use sscanf to parse the configuration file, so it's necessary to zero
terminate the configuration otherwise a truncated file can cause the
parser to run off into uninitialised memory.

Signed-off-by: Nick Dyer <redacted>
---
 drivers/input/touchscreen/atmel_mxt_ts.c | 36 +++++++++++++++++-------
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/drivers/input/touchscreen/atmel_mxt_ts.c b/drivers/input/touchscreen/atmel_mxt_ts.c
index 0ce126e918f1..2d1fddafb7f9 100644
--- a/drivers/input/touchscreen/atmel_mxt_ts.c
+++ b/drivers/input/touchscreen/atmel_mxt_ts.c

@@ -279,7 +279,7 @@ enum mxt_suspend_mode {
 
 /* Config update context */
 struct mxt_cfg {
-	const u8 *raw;
+	u8 *raw;
 	size_t raw_size;
 	off_t raw_pos;

@@ -1451,14 +1451,21 @@ static int mxt_update_cfg(struct mxt_data *data, const struct firmware *fw)
 	u32 info_crc, config_crc, calculated_crc;
 	u16 crc_start = 0;
 
-	cfg.raw = fw->data;
+	/* Make zero terminated copy of the OBP_RAW file */
+	cfg.raw = kzalloc(fw->size + 1, GFP_KERNEL);

kmemdup_nul()? I guess config it not that big to be concerned with
kmalloc() vs vmalloc() and allocation failures...

Yes, that looks like it should work. There's a limit on the size of the
data due to the I2C address space, so we should be fine.

Nick

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help