mfd: rave-sp: Check received frame length before accepting next byte

Check received frame length _before_ accepting next byte in order to
avoid incorrectly rejecting payloads that are RAVE_SP_RX_BUFFER_SIZE
long.

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
This commit is contained in:
Andrey Smirnov 2018-03-08 09:37:56 -08:00 committed by Lee Jones
parent 44564bc3d9
commit 5112cab38c
1 changed files with 2 additions and 2 deletions

View File

@ -546,8 +546,6 @@ static int rave_sp_receive_buf(struct serdev_device *serdev,
/* FALLTHROUGH */
case RAVE_SP_EXPECT_ESCAPED_DATA:
deframer->data[deframer->length++] = byte;
if (deframer->length == sizeof(deframer->data)) {
dev_warn(dev, "Bad frame: Too long\n");
/*
@ -562,6 +560,8 @@ static int rave_sp_receive_buf(struct serdev_device *serdev,
goto reset_framer;
}
deframer->data[deframer->length++] = byte;
/*
* We've extracted out special byte, now we
* can go back to regular data collecting