review.tizen.org Git - platform/kernel/linux-amlogic.git/commit

author	Arnd Bergmann <arnd@arndb.de>
	Thu, 2 Feb 2017 14:51:28 +0000 (12:51 -0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 8 Oct 2017 08:26:12 +0000 (10:26 +0200)
commit	14b502e491a8ea9257c9cbe4b7b0800e6e9a7473
tree	97d467a85fdc2c0f0897b7a261dee3eb6d5cf427	tree \| snapshot
parent	c637027054ae199bc93d72440019e3a445026988	commit \| diff

ttpci: address stringop overflow warning

commit 69d3973af1acd4c0989ec8218c05f12d303cd7cf upstream.

gcc-7.0.1 warns about old code in ttpci:

In file included from drivers/media/pci/ttpci/av7110.c:63:0:
In function 'irdebi.isra.2',
    inlined from 'start_debi_dma' at drivers/media/pci/ttpci/av7110.c:376:3,
    inlined from 'gpioirq' at drivers/media/pci/ttpci/av7110.c:659:3:
drivers/media/pci/ttpci/av7110_hw.h:406:3: warning: 'memcpy': specified size between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
   memcpy(av7110->debi_virt, (char *) &res, count);
In function 'irdebi.isra.2',
    inlined from 'start_debi_dma' at drivers/media/pci/ttpci/av7110.c:376:3,
    inlined from 'gpioirq' at drivers/media/pci/ttpci/av7110.c:668:3:
drivers/media/pci/ttpci/av7110_hw.h:406:3: warning: 'memcpy': specified size between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
   memcpy(av7110->debi_virt, (char *) &res, count);

Apparently, 'count' can be negative here, which will then get turned
into a giant size argument for memcpy. Changing the sizes to 'unsigned
int' instead seems safe as we already check for maximum sizes, and it
also simplifies the code a bit.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/media/pci/ttpci/av7110_hw.c		diff \| blob \| history
drivers/media/pci/ttpci/av7110_hw.h		diff \| blob \| history