Skip to content

Commit

Permalink
tools: iio: iio_generic_buffer: Fix read size
Browse files Browse the repository at this point in the history 
When noevents is true and small buffer is used the allocated memory for
holding the data may be smaller than the hard-coded 64 bytes. This can
cause the iio_generic_buffer to crash.

Following was recorded on beagle bone black with v6.0 kernel and the
digit fix patch:
https://lore.kernel.org/all/[email protected]/
using valgrind;

==339== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==339== Command: /iio_generic_buffer -n kx022-accel -T0 -e -l 10 -a -w 2000000
==339== Parent PID: 307
==339==
==339== Syscall param read(buf) points to unaddressable byte(s)
==339==    at 0x496BFA4: read (read.c:26)
==339==    by 0x11699: main (iio_generic_buffer.c:724)
==339==  Address 0x4ab3518 is 0 bytes after a block of size 160 alloc'd
==339==    at 0x4864B70: malloc (vg_replace_malloc.c:381)
==339==    by 0x115BB: main (iio_generic_buffer.c:677)

Fix this by always using the same size for reading as was used for
data storage allocation.

Signed-off-by: Matti Vaittinen <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Jonathan Cameron <[email protected]>
  • Loading branch information
@M-Vaittinen @jic23
M-Vaittinen authored and jic23 committed Nov 1, 2022
1 parent dd4753f commit 7c919b6
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions tools/iio/iio_generic_buffer.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -715,12 +715,12 @@ int main(int argc, char **argv)
continue;
}

toread = buf_len;
} else {
usleep(timedelay);
toread = 64;
}

toread = buf_len;

read_size = read(buf_fd, data, toread * scan_size);
if (read_size < 0) {
if (errno == EAGAIN) {
Expand Down

0 comments on commit 7c919b6

Please sign in to comment.