V4L/DVB (12337): ivtv: Read buffer overflow This mistakenly tests against sizeof(freqs) instead of the array size. Due to the mask the only illegal value possible was 3. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andy Walls <awalls@radix.net> Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>

commit: ed18d0c87ee0ab6e0985d83c19cd135b1bd54998 [log] [tgz]
author: Roel Kluin <roel.kluin@gmail.com> Thu Jul 23 21:46:57 2009 -0300
committer: Mauro Carvalho Chehab <mchehab@redhat.com> Thu Aug 13 20:39:02 2009 -0300
tree: 4525e5280f255ab41794fb6a8b89a159a5d44486
parent: 5b766182a110311fbf618f736bc8a8f2f7ce3f4c [diff] [blame]
diff --git a/drivers/media/video/ivtv/ivtv-controls.c b/drivers/media/video/ivtv/ivtv-controls.c
index a3b77ed..4a9c8ce 100644
--- a/drivers/media/video/ivtv/ivtv-controls.c
+++ b/drivers/media/video/ivtv/ivtv-controls.c

@@ -17,6 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
+#include <linux/kernel.h>
 
 #include "ivtv-driver.h"
 #include "ivtv-cards.h"
@@ -281,7 +282,7 @@
 		idx = p.audio_properties & 0x03;
 		/* The audio clock of the digitizer must match the codec sample
 		   rate otherwise you get some very strange effects. */
-		if (idx < sizeof(freqs))
+		if (idx < ARRAY_SIZE(freqs))
 			ivtv_call_all(itv, audio, s_clock_freq, freqs[idx]);
 		return err;
 	}
commit	ed18d0c87ee0ab6e0985d83c19cd135b1bd54998	[log] [tgz]
author	Roel Kluin <roel.kluin@gmail.com>	Thu Jul 23 21:46:57 2009 -0300
committer	Mauro Carvalho Chehab <mchehab@redhat.com>	Thu Aug 13 20:39:02 2009 -0300
tree	4525e5280f255ab41794fb6a8b89a159a5d44486
parent	5b766182a110311fbf618f736bc8a8f2f7ce3f4c [diff] [blame]