4 Apr
2019
4 Apr
'19
4:05 p.m.
On Thu, 04 Apr 2019 15:59:46 +0200, Pierre-Louis Bossart wrote:
+/* generic module parser for mmaped DSPs */ +int snd_sof_parse_module_memcpy(struct snd_sof_dev *sdev,
struct snd_sof_mod_hdr *module)+{
- struct snd_sof_blk_hdr *block;
- int count;
- u32 offset;
- size_t remaining;
- dev_dbg(sdev->dev, "new module size 0x%x blocks 0x%x type 0x%x\n",
module->size, module->num_blocks, module->type);- block = (struct snd_sof_blk_hdr *)((u8 *)module + sizeof(*module));
- /* module->size doesn't include header size */
- remaining = module->size;
- for (count = 0; count < module->num_blocks; count++) {
/* minus header size of block */remaining -= sizeof(*block);if (remaining < block->size) {dev_err(sdev->dev, "error: not enough data remaining\n");return -EINVAL;}remaining is unsigned, so a negative check doesn't work here. Hence you need the explicit underflow check.
yes, probably need ssize_t here.
Be careful. If block->size is unsigned, the comparison is also done as unsigned in the code above.
Takashi