From e4de211cd31665c167351a428e08199ee6355e46 Mon Sep 17 00:00:00 2001
From: Takashi Iwai <tiwai@suse.de>
Date: Mon, 2 Dec 2013 15:07:59 +0100
Subject: ALSA: atmel: Fix possible array overflow

The static checker found a possible array overflow in atmel/abdac.c:
  static checker warning: "sound/atmel/abdac.c:373 set_sample_rates()
        error: buffer overflow 'dac->rates' 6 <= 6"

This patch papers over the buggy point, by ensuring that dac->rates[]
update not overflowing the actual array size.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
---
 sound/atmel/abdac.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'sound/atmel')

diff --git a/sound/atmel/abdac.c b/sound/atmel/abdac.c
index 872d59e35ee..721d8fd4568 100644
--- a/sound/atmel/abdac.c
+++ b/sound/atmel/abdac.c
@@ -357,7 +357,8 @@ static int set_sample_rates(struct atmel_abdac *dac)
 		if (new_rate < 0)
 			break;
 		/* make sure we are below the ABDAC clock */
-		if (new_rate <= clk_get_rate(dac->pclk)) {
+		if (index < MAX_NUM_RATES &&
+		    new_rate <= clk_get_rate(dac->pclk)) {
 			dac->rates[index] = new_rate / 256;
 			index++;
 		}
-- 
cgit v1.2.3