While the code is correct, it produces this warning:
drivers/media/i2c/ir-kbd-i2c.c:593 zilog_ir_format() error: buffer
overflow 'code_block->codes' 61 <= 173
As static analyzers may be tricked by arithmetic expressions on
comparisions. So, change the order, in order to shut up this
false-positive warning.
That also makes easier for humans to understand that it won't
be trying to go past buffer size.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
---
drivers/media/i2c/ir-kbd-i2c.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/media/i2c/ir-kbd-i2c.c b/drivers/media/i2c/ir-kbd-i2c.c
index 1d11aab1817a..a7e23bcf845c 100644
--- a/drivers/media/i2c/ir-kbd-i2c.c
+++ b/drivers/media/i2c/ir-kbd-i2c.c
@@ -583,7 +583,7 @@ static int zilog_ir_format(struct rc_dev *rcdev, unsigned
int *txbuf,
/* first copy any leading non-repeating */
int leading = c - rep * 3;
- if (leading + rep >= ARRAY_SIZE(code_block->codes) - 3) {
+ if (leading >= ARRAY_SIZE(code_block->codes) - 3 - rep) {
dev_warn(&rcdev->dev, "IR too long, cannot transmit\n");
return -EINVAL;
}
--
2.14.3
