On Tue, Jan 16, 2018 at 10:52:15PM +0100, Arnd Bergmann wrote: > While experimenting with older compiler versions, I ran > into a warning that no longer shows up on gcc-4.8 or newer: > > drivers/media/platform/s3c-camif/camif-capture.c: In function > '__camif_subdev_try_format': > drivers/media/platform/s3c-camif/camif-capture.c:1265:25: error: array > subscript is below array bounds > > This is an off-by-one bug, leading to an access before the start of the > array, while newer compilers silently assume this undefined behavior > cannot happen and leave the loop at index 0 if no other entry matches. > > As Sylvester explains, we actually need to ensure that the > value is within the range, so this reworks the loop to be > easier to parse correctly, and an additional check to fall > back on the first format value for any unexpected input. > > I found an existing gcc bug for it and added a reduced version > of the function there. > > Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69249#c3 > Fixes: babde1c243b2 ("[media] V4L: Add driver for S3C24XX/S3C64XX SoC series > camera interface") > Signed-off-by: Arnd Bergmann <a...@arndb.de>
Acked-by: Sakari Ailus <sakari.ai...@linux.intel.com> -- Sakari Ailus sakari.ai...@linux.intel.com
