On Tue, 07 Dec 2021 07:29:41 +0100, Kees Cook wrote:
The mixart_timer_notify structure was larger than could be represented by the mixart_msg_data array storage. Adjust the size to as large as possible to fix the warning seen with -Warray-bounds builds:
sound/pci/mixart/mixart_core.c: In function 'snd_mixart_threaded_irq': sound/pci/mixart/mixart_core.c:447:50: error: array subscript 'struct mixart_timer_notify[0]' is partly outside array bounds of 'u32[128]' {aka 'unsigned int[128]'} [-Werror=array-bounds] 447 | for(i=0; i<notify->stream_count; i++) { | ^~ sound/pci/mixart/mixart_core.c:328:12: note: while referencing 'mixart_msg_data' 328 | static u32 mixart_msg_data[MSG_DEFAULT_SIZE / 4]; | ^~~~~~~~~~~~~~~
Signed-off-by: Kees Cook keescook@chromium.org
Thanks, applied now.
@@ -444,6 +442,7 @@ irqreturn_t snd_mixart_threaded_irq(int irq, void *dev_id) struct mixart_timer_notify *notify; notify = (struct mixart_timer_notify *)mixart_msg_data;
BUILD_BUG_ON(sizeof(notify) > sizeof(mixart_msg_data)); for(i=0; i<notify->stream_count; i++) { u32 buffer_id = notify->streams[i].buffer_id;
I guess we should add the array boundary check of notify->stream_count, instead of fully relying on the hardware reply, too. Will submit the additional check.
Takashi