2009-11-02 10:58:04

by Roel Kluin

Subject: [PATCH] Blackfin arch: ensure index is positive

The indices are signed, so ensure they are not negative before we read an
array element.

Signed-off-by: Roel Kluin <[email protected]>
---
arch/blackfin/kernel/gptimers.c | 32 ++++++++++++++++----------------
1 files changed, 16 insertions(+), 16 deletions(-)

Found by code analysis, is this required?

diff --git a/arch/blackfin/kernel/gptimers.c b/arch/blackfin/kernel/gptimers.c
index 7281a91..3b2a1c5 100644
--- a/arch/blackfin/kernel/gptimers.c
+++ b/arch/blackfin/kernel/gptimers.c
@@ -139,7 +139,7 @@ static uint32_t const timil_mask[MAX_BLACKFIN_GPTIMERS] =

void set_gptimer_pwidth(int timer_id, uint32_t value)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
timer_regs[timer_id]->width = value;
SSYNC();
}
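Review bot: The widened condition in `tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0)` is still only an assertion, and `timer_regs[timer_id]->width = value;` follows it unconditionally. tassert is defined outside this hunk; if it only logs on failure, or compiles away in some configurations, a negative or too-large index passed by a caller of this exported function still reaches the register write. Where an out-of-range id must never be dereferenced, an explicit guard such as `if (timer_id < 0 || timer_id >= MAX_BLACKFIN_GPTIMERS) return;` does that, with the getters needing an agreed return value for the error case. The same applies to every other hunk in this patch, including the `group` checks in get_gptimer_status and set_gptimer_status.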
@@ -147,14 +147,14 @@ EXPORT_SYMBOL(set_gptimer_pwidth);

uint32_t get_gptimer_pwidth(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return timer_regs[timer_id]->width;
}
EXPORT_SYMBOL(get_gptimer_pwidth);

void set_gptimer_period(int timer_id, uint32_t period)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
timer_regs[timer_id]->period = period;
SSYNC();
}
@@ -162,28 +162,28 @@ EXPORT_SYMBOL(set_gptimer_period);

uint32_t get_gptimer_period(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return timer_regs[timer_id]->period;
}
EXPORT_SYMBOL(get_gptimer_period);

uint32_t get_gptimer_count(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return timer_regs[timer_id]->counter;
}
EXPORT_SYMBOL(get_gptimer_count);

uint32_t get_gptimer_status(int group)
{
- tassert(group < BFIN_TIMER_NUM_GROUP);
+ tassert(group < BFIN_TIMER_NUM_GROUP && group >= 0);
return group_regs[group]->status;
}
EXPORT_SYMBOL(get_gptimer_status);

void set_gptimer_status(int group, uint32_t value)
{
- tassert(group < BFIN_TIMER_NUM_GROUP);
+ tassert(group < BFIN_TIMER_NUM_GROUP && group >= 0);
group_regs[group]->status = value;
SSYNC();
}
@@ -191,42 +191,42 @@ EXPORT_SYMBOL(set_gptimer_status);

int get_gptimer_intr(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return !!(group_regs[BFIN_TIMER_OCTET(timer_id)]->status & timil_mask[timer_id]);
}
EXPORT_SYMBOL(get_gptimer_intr);

void clear_gptimer_intr(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
group_regs[BFIN_TIMER_OCTET(timer_id)]->status = timil_mask[timer_id];
}
EXPORT_SYMBOL(clear_gptimer_intr);

int get_gptimer_over(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return !!(group_regs[BFIN_TIMER_OCTET(timer_id)]->status & tovf_mask[timer_id]);
}
EXPORT_SYMBOL(get_gptimer_over);

void clear_gptimer_over(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
group_regs[BFIN_TIMER_OCTET(timer_id)]->status = tovf_mask[timer_id];
}
EXPORT_SYMBOL(clear_gptimer_over);

int get_gptimer_run(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return !!(group_regs[BFIN_TIMER_OCTET(timer_id)]->status & trun_mask[timer_id]);
}
EXPORT_SYMBOL(get_gptimer_run);

void set_gptimer_config(int timer_id, uint16_t config)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
timer_regs[timer_id]->config = config;
SSYNC();
}
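Review bot: In get_gptimer_intr, clear_gptimer_intr, get_gptimer_over, clear_gptimer_over and get_gptimer_run the assertion bounds `timer_id` against MAX_BLACKFIN_GPTIMERS, but the first array indexed is `group_regs[BFIN_TIMER_OCTET(timer_id)]`, which the status hunks bound by BFIN_TIMER_NUM_GROUP. BFIN_TIMER_OCTET and both array declarations are outside the hunk, so the claim that a valid timer_id always yields a valid group index is presumably true but cannot be confirmed here. A one-line comment stating the invariant would help the next reader, for example `/* timer_id < MAX_BLACKFIN_GPTIMERS implies BFIN_TIMER_OCTET(timer_id) < BFIN_TIMER_NUM_GROUP */`.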
@@ -234,7 +234,7 @@ EXPORT_SYMBOL(set_gptimer_config);

uint16_t get_gptimer_config(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
return timer_regs[timer_id]->config;
}
EXPORT_SYMBOL(get_gptimer_config);
@@ -282,7 +282,7 @@ EXPORT_SYMBOL(disable_gptimers_sync);

void set_gptimer_pulse_hi(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
timer_regs[timer_id]->config |= TIMER_PULSE_HI;
SSYNC();
}
@@ -290,7 +290,7 @@ EXPORT_SYMBOL(set_gptimer_pulse_hi);

void clear_gptimer_pulse_hi(int timer_id)
{
- tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
+ tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);
timer_regs[timer_id]->config &= ~TIMER_PULSE_HI;
SSYNC();
}


2009-11-02 13:01:09

by Mike Frysinger

Subject: Re: [PATCH] Blackfin arch: ensure index is positive

On Mon, Nov 2, 2009 at 06:09, Roel Kluin wrote:
> The indices are signed, it's not negative before we read an
> array element.
>
> Found by code analysis, is this required?
>
> --- a/arch/blackfin/kernel/gptimers.c
> +++ b/arch/blackfin/kernel/gptimers.c
> @@ -139,7 +139,7 @@ static uint32_t const timil_mask[MAX_BLACKFIN_GPTIMERS] =
>
>  void set_gptimer_pwidth(int timer_id, uint32_t value)
>  {
> -       tassert(timer_id < MAX_BLACKFIN_GPTIMERS);
> +       tassert(timer_id < MAX_BLACKFIN_GPTIMERS && timer_id >= 0);

the gptimer API is supposed to use symbolic defines only (TIMER#_id),
but that doesnt mean people couldnt pass in negative numbers
themselves. but rather than fix it this way, i'll change the API to
use unsigned ints.
-mike