diff options
| author | Takashi Iwai <tiwai@suse.de> | 2013-12-02 09:07:59 -0500 |
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2013-12-02 09:10:41 -0500 |
| commit | e4de211cd31665c167351a428e08199ee6355e46 (patch) | |
| tree | cc45cb0130056615b11733ddf8296a36835d246e /sound | |
| parent | 88d071fc9a93de2916822910c927f28ed15c3a56 (diff) | |
ALSA: atmel: Fix possible array overflow
The static checker found a possible array overflow in atmel/abdac.c:
static checker warning: "sound/atmel/abdac.c:373 set_sample_rates()
error: buffer overflow 'dac->rates' 6 <= 6"
This patch papers over the buggy point, by ensuring that dac->rates[]
update not overflowing the actual array size.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Diffstat (limited to 'sound')
| -rw-r--r-- | sound/atmel/abdac.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sound/atmel/abdac.c b/sound/atmel/abdac.c index 872d59e35ee2..721d8fd45685 100644 --- a/sound/atmel/abdac.c +++ b/sound/atmel/abdac.c | |||
| @@ -357,7 +357,8 @@ static int set_sample_rates(struct atmel_abdac *dac) | |||
| 357 | if (new_rate < 0) | 357 | if (new_rate < 0) |
| 358 | break; | 358 | break; |
| 359 | /* make sure we are below the ABDAC clock */ | 359 | /* make sure we are below the ABDAC clock */ |
| 360 | if (new_rate <= clk_get_rate(dac->pclk)) { | 360 | if (index < MAX_NUM_RATES && |
| 361 | new_rate <= clk_get_rate(dac->pclk)) { | ||
| 361 | dac->rates[index] = new_rate / 256; | 362 | dac->rates[index] = new_rate / 256; |
| 362 | index++; | 363 | index++; |
| 363 | } | 364 | } |