From: Chester Lin clin@suse.com
stable inclusion from stable-v6.6.13 commit f88c602fd0ab289d03e0e279ce83ddf01c24ec22 bugzilla: https://gitee.com/openeuler/kernel/issues/I99TJK
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
[ Upstream commit 08e8734d877a9a0fb8af1254a4ce58734fbef296 ]
With "W=1" and "-Wformat-truncation" build options, the kernel test robot found a possible string truncation warning in pinctrl-s32cc.c, which uses an 8-byte char array to hold a memory region name "map%u". Since the maximum number of digits that a u32 value can present is 10, and the "map" string occupies 3 bytes with a termination '\0', which means the rest 4 bytes cannot fully present the integer "X" that exceeds 4 digits.
Here we check if the number >= 10000, which is the lowest value that contains more than 4 digits.
Reported-by: kernel test robot lkp@intel.com Closes: https://lore.kernel.org/oe-kbuild-all/202311030159.iyUGjNGF-lkp@intel.com/ Signed-off-by: Chester Lin clin@suse.com Link: https://lore.kernel.org/r/20231107141044.24058-1-clin@suse.com Signed-off-by: Linus Walleij linus.walleij@linaro.org Signed-off-by: Sasha Levin sashal@kernel.org Signed-off-by: ZhangPeng zhangpeng362@huawei.com --- drivers/pinctrl/nxp/pinctrl-s32cc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/pinctrl/nxp/pinctrl-s32cc.c b/drivers/pinctrl/nxp/pinctrl-s32cc.c index 7daff9f186cd..f0cad2c501f7 100644 --- a/drivers/pinctrl/nxp/pinctrl-s32cc.c +++ b/drivers/pinctrl/nxp/pinctrl-s32cc.c @@ -843,8 +843,8 @@ static int s32_pinctrl_probe_dt(struct platform_device *pdev, if (!np) return -ENODEV;
- if (mem_regions == 0) { - dev_err(&pdev->dev, "mem_regions is 0\n"); + if (mem_regions == 0 || mem_regions >= 10000) { + dev_err(&pdev->dev, "mem_regions is invalid: %u\n", mem_regions); return -EINVAL; }