From: Roel Kluin <roel.kluin@gmail.com>
Date: Fri, 22 May 2009 08:46:52 +0000 (+0800)
Subject: fsldma: fix check on potential fdev->chan[] overflow
X-Git-Tag: v2.6.30-rc8~14^2~5
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f47edc6dab11801c2e97088ba7bbce042ded867c;p=profile%2Fivi%2Fkernel-adaptation-intel-automotive.git

fsldma: fix check on potential fdev->chan[] overflow

Fix the check of potential array overflow when using corrupted channel
device tree nodes.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Li Yang <leoli@freescale.com>
---

diff --git a/drivers/dma/fsldma.c b/drivers/dma/fsldma.c
index da8a8ed..391b1bd 100644
--- a/drivers/dma/fsldma.c
+++ b/drivers/dma/fsldma.c
@@ -830,7 +830,7 @@ static int __devinit fsl_dma_chan_probe(struct fsl_dma_device *fdev,
 			new_fsl_chan->reg.end - new_fsl_chan->reg.start + 1);
 
 	new_fsl_chan->id = ((new_fsl_chan->reg.start - 0x100) & 0xfff) >> 7;
-	if (new_fsl_chan->id > FSL_DMA_MAX_CHANS_PER_DEVICE) {
+	if (new_fsl_chan->id >= FSL_DMA_MAX_CHANS_PER_DEVICE) {
 		dev_err(fdev->dev, "There is no %d channel!\n",
 				new_fsl_chan->id);
 		err = -EINVAL;