On 30 January 2017 at 10:30, Peter Maydell wrote:
> On 30 January 2017 at 06:47, P J P wrote:
>> From: Prasad J Pandit
>>
>> While doing multi block SDMA transfer in routine
>> 'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
>> index 'begin' and data length 's->data_count' coul
On 30 January 2017 at 06:47, P J P wrote:
> From: Prasad J Pandit
>
> While doing multi block SDMA transfer in routine
> 'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
> index 'begin' and data length 's->data_count' could end up to be same.
> This could lead to an OOB access is
From: Prasad J Pandit
While doing multi block SDMA transfer in routine
'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
index 'begin' and data length 's->data_count' could end up to be same.
This could lead to an OOB access issue. Correct transfer data length
to avoid it.
Report
