github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-27 00:22:00 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

platform/chrome: cros_ec_i2c: drop BUG_ON() in cros_ec_pkt_xfer_i2c()

Browse Source 
It is overkill to crash the kernel if the given message is oversize.

Drop the BUG_ON() and return -EINVAL instead.

Reviewed-by: Guenter Roeck <groeck@chromium.org>
Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org>
Link: https://lore.kernel.org/r/20220513044143.1045728-6-tzungbi@kernel.org
This commit is contained in:
Tzung-Bi Shih 2022-05-13 12:41:41 +08:00
parent 20a264c97b
commit 8bff946c41
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
drivers/platform/chrome/cros_ec_i2c.c
View File

@ -72,13 +72,19 @@ static int cros_ec_pkt_xfer_i2c(struct cros_ec_device *ec_dev,
i2c_msg[1].flags = I2C_M_RD;
packet_len = msg->insize + response_header_size;
BUG_ON(packet_len > ec_dev->din_size);
if (packet_len > ec_dev->din_size) {
ret = -EINVAL;
goto done;
}
in_buf = ec_dev->din;
i2c_msg[1].len = packet_len;
i2c_msg[1].buf = (char *) in_buf;
packet_len = msg->outsize + request_header_size;
BUG_ON(packet_len > ec_dev->dout_size);
if (packet_len > ec_dev->dout_size) {
ret = -EINVAL;
goto done;
}
out_buf = ec_dev->dout;
i2c_msg[0].len = packet_len;
i2c_msg[0].buf = (char *) out_buf;