i2c: fix stack buffer overflow vulnerability in i2c md command

This reinstates fix from commit 8f8c04bf1ebb ("i2c: fix stack buffer overflow vulnerability in i2c md command") without the changes unrelated to the actual fix. Avoid the underflow by setting only nbytes and linebytes as unsigned integers. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Heiko Schocher <hs@denx.de> Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr> Cc: Simon Glass <sjg@chromium.org> Cc: Tim Harvey <tharvey@gateworks.com> Acked-by: Tim Harvey <tharvey@gateworks.com>
author: Marek Vasut <marex@denx.de> 2022-08-27 00:15:56 +0300
committer: Tom Rini <trini@konsulko.com> 2022-08-31 19:21:47 +0300
commit: e4573fef7701afc2df22924ce0a445b923475afc (patch)
tree: 20d34ecf4bfa236f68695afac4fff5dc57384b67 /cmd
parent: 1aa9a04ff687b8d55b0fb68ae2a688c8705665cc (diff)
download: u-boot-e4573fef7701afc2df22924ce0a445b923475afc.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/cmd/i2c.c b/cmd/i2c.c
index 9050b2b8d2..e196a73efa 100644
--- a/cmd/i2c.c
+++ b/cmd/i2c.c
@@ -470,7 +470,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc,
 	uint	chip;
 	uint	addr, length;
 	int alen;
-	int	j, nbytes, linebytes;
+	int j;
+	uint nbytes, linebytes;
 	int ret;
 #if CONFIG_IS_ENABLED(DM_I2C)
 	struct udevice *dev;
author	Marek Vasut <marex@denx.de>	2022-08-27 00:15:56 +0300
committer	Tom Rini <trini@konsulko.com>	2022-08-31 19:21:47 +0300
commit	e4573fef7701afc2df22924ce0a445b923475afc (patch)
tree	20d34ecf4bfa236f68695afac4fff5dc57384b67 /cmd
parent	1aa9a04ff687b8d55b0fb68ae2a688c8705665cc (diff)
download	u-boot-e4573fef7701afc2df22924ce0a445b923475afc.tar.xz