The data in config_fw has header, data blocks and end block. The
data count in the config_fw is the number of data blocks except
end block. Without considering end block, this causes buffer
overflow. So this patch fixes allocation size considering end block.
Change-Id: I053e251a21ba8befb03a1db233e4e2d9dbf1b795
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
}
offset = conf_hdr->data_offset;
- conf_item = kzalloc(sizeof(*conf_item)*conf_hdr->data_count,GFP_KERNEL);
+ conf_item = kzalloc(sizeof(*conf_item) * (conf_hdr->data_count + 1),
+ GFP_KERNEL);
for (i=0 ;; i++ , offset += MMS_MFSP_OFFSET)
{