Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
speakup: Fix sizeof() vs ARRAY_SIZE() bug
commit 008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b upstream. The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got out of bounds. Fixes: c8d2f34ea96e ("speakup: Avoid crash on very long word") Cc: [email protected] Signed-off-by: Dan Carpenter <[email protected]> Reviewed-by: Samuel Thibault <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
- Loading branch information