[PATCH AUTOSEL 4.4 29/44] media: ov9650: add a sanity check
From: Sasha Levin
Date: Sun Sep 22 2019 - 15:02:05 EST
From: Mauro Carvalho Chehab <mchehab+samsung@xxxxxxxxxx>
[ Upstream commit 093347abc7a4e0490e3c962ecbde2dc272a8f708 ]
As pointed by cppcheck:
[drivers/media/i2c/ov9650.c:706]: (error) Shifting by a negative value is undefined behaviour
[drivers/media/i2c/ov9650.c:707]: (error) Shifting by a negative value is undefined behaviour
[drivers/media/i2c/ov9650.c:721]: (error) Shifting by a negative value is undefined behaviour
Prevent mangling with gains with invalid values.
As pointed by Sylvester, this should never happen in practice,
as min value of V4L2_CID_GAIN control is 16 (gain is always >= 16
and m is always >= 0), but it is too hard for a static analyzer
to get this, as the logic with validates control min/max is
elsewhere inside V4L2 core.
Reviewed-by: Sylwester Nawrocki <s.nawrocki@xxxxxxxxxxx>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/media/i2c/ov9650.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/media/i2c/ov9650.c b/drivers/media/i2c/ov9650.c
index 1ee6a5527c384..d11de02ecb63e 100644
--- a/drivers/media/i2c/ov9650.c
+++ b/drivers/media/i2c/ov9650.c
@@ -707,6 +707,11 @@ static int ov965x_set_gain(struct ov965x *ov965x, int auto_gain)
for (m = 6; m >= 0; m--)
if (gain >= (1 << m) * 16)
break;
+
+ /* Sanity check: don't adjust the gain with a negative value */
+ if (m < 0)
+ return -EINVAL;
+
rgain = (gain - ((1 << m) * 16)) / (1 << m);
rgain |= (((1 << m) - 1) << 4);
--
2.20.1