From d45e41bf0c9a33db182d9bb6b4aaa3926f923a05 Mon Sep 17 00:00:00 2001 From: Yida Wang Date: Wed, 5 Apr 2017 15:32:36 -0400 Subject: [PATCH] seemp: fix code analysis issues Fix code analysis issues related to seemp, such as, variables might be used uninitialized, and array may use index values larger than its size. Change-Id: Ic537ece4d00ac3d72d679359b60999df473f8710 Signed-off-by: Yida Wang --- drivers/platform/msm/seemp_core/seemp_logk.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/platform/msm/seemp_core/seemp_logk.c b/drivers/platform/msm/seemp_core/seemp_logk.c index 9b6096485c39..d0f21943cb0f 100644 --- a/drivers/platform/msm/seemp_core/seemp_logk.c +++ b/drivers/platform/msm/seemp_core/seemp_logk.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2015, The Linux Foundation. All rights reserved. + * Copyright (c) 2014-2015, 2017, The Linux Foundation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 and @@ -184,6 +184,8 @@ static int seemp_logk_usr_record(const char __user *buf, size_t count) if (copy_from_user(&usr_blk.payload, &local_blk->payload, sizeof(struct blk_payload)) != 0) return -EFAULT; + } else { + return -EFAULT; } idx = ret = 0; now = current_kernel_time(); @@ -283,7 +285,12 @@ static bool seemp_logk_get_bit_from_vector(__u8 *pVec, __u32 index) { unsigned int byte_num = index/8; unsigned int bit_num = index%8; - unsigned char byte = pVec[byte_num]; + unsigned char byte; + + if (DIV_ROUND_UP(index, 8) > MASK_BUFFER_SIZE) + return false; + + byte = pVec[byte_num]; return !(byte & (1 << bit_num)); }