V4L/DVB (12338): cx18: Read buffer overflow
This mistakenly tested against sizeof(freqs) instead of the array size. Due to the mask the only illegal value possible was 3. Reported-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andy Walls <awalls@radix.net> Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
This commit is contained in:
Andy Walls
Mauro Carvalho Chehab
parent
ed18d0c87e
commit
225aeb1c58
1 changed files with 2 additions and 1 deletions
|
|
@ -20,6 +20,7 @@
|
|||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
||||
* 02111-1307 USA
|
||||
*/
|
||||
#include <linux/kernel.h>
|
||||
|
||||
#include "cx18-driver.h"
|
||||
#include "cx18-cards.h"
|
||||
|
|
@ -317,7 +318,7 @@ int cx18_s_ext_ctrls(struct file *file, void *fh, struct v4l2_ext_controls *c)
|
|||
idx = p.audio_properties & 0x03;
|
||||
/* The audio clock of the digitizer must match the codec sample
|
||||
rate otherwise you get some very strange effects. */
|
||||
if (idx < sizeof(freqs))
|
||||
if (idx < ARRAY_SIZE(freqs))
|
||||
cx18_call_all(cx, audio, s_clock_freq, freqs[idx]);
|
||||
return err;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue