[PATCH 4.18 080/228] ASoC: qdsp6: qdafe: fix some off by one bugs

From: Greg Kroah-Hartman
Date: Tue Oct 02 2018 - 10:09:40 EST


4.18-stable review patch. If anyone has any objections, please let me know.

------------------

From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

[ Upstream commit c54c1c5ee8e73b7cb752834e52e2129b1dab00bd ]

The > should be >= or we could read one element beyond the end of the
port_maps[] array.

Fixes: 7fa2d70f9766 ("ASoC: qdsp6: q6afe: Add q6afe driver")
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Acked-by: Srinivas Kandagatla <srinivas.kandagatla@xxxxxxxxxx>
Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
sound/soc/qcom/qdsp6/q6afe.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

--- a/sound/soc/qcom/qdsp6/q6afe.c
+++ b/sound/soc/qcom/qdsp6/q6afe.c
@@ -777,7 +777,7 @@ static int q6afe_callback(struct apr_dev
*/
int q6afe_get_port_id(int index)
{
- if (index < 0 || index > AFE_PORT_MAX)
+ if (index < 0 || index >= AFE_PORT_MAX)
return -EINVAL;

return port_maps[index].port_id;
@@ -1014,7 +1014,7 @@ int q6afe_port_stop(struct q6afe_port *p

port_id = port->id;
index = port->token;
- if (index < 0 || index > AFE_PORT_MAX) {
+ if (index < 0 || index >= AFE_PORT_MAX) {
dev_err(afe->dev, "AFE port index[%d] invalid!\n", index);
return -EINVAL;
}
@@ -1355,7 +1355,7 @@ struct q6afe_port *q6afe_port_get_from_i
unsigned long flags;
int cfg_type;

- if (id < 0 || id > AFE_PORT_MAX) {
+ if (id < 0 || id >= AFE_PORT_MAX) {
dev_err(dev, "AFE port token[%d] invalid!\n", id);
return ERR_PTR(-EINVAL);
}