On 20-02-17, 19:57, Andrzej Hajda wrote:
> Reading array at given index before checking if index is valid results in
> illegal memory access.
>
> The bug was detected using KASAN framework.
>
> Signed-off-by: Andrzej Hajda <a.ha...@samsung.com>
> ---
> drivers/base/power/opp/core.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/base/power/opp/core.c b/drivers/base/power/opp/core.c
> index 91ec323..dae6172 100644
> --- a/drivers/base/power/opp/core.c
> +++ b/drivers/base/power/opp/core.c
> @@ -231,7 +231,8 @@ unsigned long dev_pm_opp_get_max_volt_latency(struct
> device *dev)
> * The caller needs to ensure that opp_table (and hence the regulator)
> * isn't freed, while we are executing this routine.
> */
> - for (i = 0; reg = regulators[i], i < count; i++) {
> + for (i = 0; i < count; i++) {
> + reg = regulators[i];
> ret = regulator_set_voltage_time(reg, uV[i].min, uV[i].max);
> if (ret > 0)
> latency_ns += ret * 1000;
Acked-by: Viresh Kumar <viresh.ku...@linaro.org>
--
viresh
