Hi Sean,
On Wed, 23 Mar 2022 at 16:24, Sean Anderson <sean...@gmail.com> wrote:
>
> sandbox_flash_bulk uses priv->read_len to determine if priv->buff contains
> the response data (such as from SCSI_INQUIRY). However, if priv->fd=-1 in
> handle_read, then priv->read_len is not set even though we are going to
> PHASE_DATA. This causes sandbox_flash_bulk to try and read len bytes from
> priv->buff, which likely goes past the end of the buffer. Fix this by always
> setting priv->read_len even if we aren't going to read anything.
>
> Fixes: f4f715360c ("dm: usb: sandbox: Add an emulator for USB flash devices")
> Signed-off-by: Sean Anderson <sean...@gmail.com>
> ---
> Is returning -EIO correct here? Should we return 0 (nothing read)? Or pretend
> to
> read the whole thing and then let the caller figure it out based on the
> status?
It looks like returning an error makes sense, but Marek may know more.
>
> drivers/usb/emul/sandbox_flash.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
Reviewed-by: Simon Glass <s...@chromium.org>
>
Applied to u-boot-dm, thanks!
