From e4573fef7701afc2df22924ce0a445b923475afc Mon Sep 17 00:00:00 2001
From: Marek Vasut <marex@denx.de>
Date: Fri, 26 Aug 2022 23:15:56 +0200
Subject: i2c: fix stack buffer overflow vulnerability in i2c md command

This reinstates fix from commit 8f8c04bf1ebb ("i2c: fix stack buffer
overflow vulnerability in i2c md command") without the changes unrelated
to the actual fix. Avoid the underflow by setting only nbytes and
linebytes as unsigned integers.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tim Harvey <tharvey@gateworks.com>
Acked-by: Tim Harvey <tharvey@gateworks.com>
---
 cmd/i2c.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'cmd')

diff --git a/cmd/i2c.c b/cmd/i2c.c
index 9050b2b8d2..e196a73efa 100644
--- a/cmd/i2c.c
+++ b/cmd/i2c.c
@@ -470,7 +470,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc,
 	uint	chip;
 	uint	addr, length;
 	int alen;
-	int	j, nbytes, linebytes;
+	int j;
+	uint nbytes, linebytes;
 	int ret;
 #if CONFIG_IS_ENABLED(DM_I2C)
 	struct udevice *dev;
-- 
cgit v1.2.3