[media] s5p-fimc: Prevent potential buffer overflow

Replace the hard coded csi_sensors[] array size with a relevant constant to make sure we don't iterate beyond the actual array. Signed-off-by: N Sylwester Nawrocki <s.nawrocki@samsung.com> Signed-off-by: N Kyungmin Park <kyungmin.park@samsung.com> Signed-off-by: N Mauro Carvalho Chehab <mchehab@redhat.com>

[media] s5p-fimc: Prevent potential buffer overflow
Replace the hard coded csi_sensors[] array size with a relevant constant to make sure we don't iterate beyond the actual array. Signed-off-by: N Sylwester Nawrocki <s.nawrocki@samsung.com> Signed-off-by: N Kyungmin Park <kyungmin.park@samsung.com> Signed-off-by: N Mauro Carvalho Chehab <mchehab@redhat.com>
a8697ec8 · Sylwester Nawrocki · Mauro Carvalho Chehab · 6612545f · a8697ec8
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

drivers/media/platform/s5p-fimc/fimc-mdevice.c drivers/media/platform/s5p-fimc/fimc-mdevice.c +2 -2

未找到文件。
--- a/drivers/media/platform/s5p-fimc/fimc-mdevice.c
+++ b/drivers/media/platform/s5p-fimc/fimc-mdevice.c
@@ -627,7 +627,7 @@ static int __fimc_md_create_flite_source_links(struct fimc_md *fmd)
 */
 static int fimc_md_create_links(struct fimc_md *fmd)
 {
-	struct v4l2_subdev *csi_sensors[2] = { NULL };
+	struct v4l2_subdev *csi_sensors[CSIS_MAX_ENTITIES] = { NULL };
 	struct v4l2_subdev *sensor, *csis;
 	struct s5p_fimc_isp_info *pdata;
 	struct fimc_sensor_info *s_info;
@@ -692,7 +692,7 @@ static int fimc_md_create_links(struct fimc_md *fmd)
 						       pad, link_mask);
 	}

-	for (i = 0; i < ARRAY_SIZE(fmd->csis); i++) {
+	for (i = 0; i < CSIS_MAX_ENTITIES; i++) {
 		if (fmd->csis[i].sd == NULL)
 			continue;
 		source = &fmd->csis[i].sd->entity;