[SCSI] u14-34f: fix buffer overflow

This allows i == MAX_INT_PARAM, which is out of range for ints[] Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Bottomley <James.Bottomley@suse.de>

[SCSI] u14-34f: fix buffer overflow
This allows i == MAX_INT_PARAM, which is out of range for ints[] Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Bottomley <James.Bottomley@suse.de>
4a02462a · Roel Kluin · James Bottomley · 8fe79162 · 4a02462a
Commit 4a02462a authored Dec 08, 2009 by Roel Kluin Committed by James Bottomley Jan 18, 2010
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

drivers/scsi/u14-34f.c drivers/scsi/u14-34f.c +1 -1

No files found.
--- a/drivers/scsi/u14-34f.c
+++ b/drivers/scsi/u14-34f.c
@@ -1070,7 +1070,7 @@ static int option_setup(char *str) {
   char *cur = str;
   int i = 1;

-   while (cur && isdigit(*cur) && i <= MAX_INT_PARAM) {
+   while (cur && isdigit(*cur) && i < MAX_INT_PARAM) {
      ints[i++] = simple_strtoul(cur, NULL, 0);

      if ((cur = strchr(cur, ',')) != NULL) cur++;