Array 'c_brf_chip' of size 8 could be accessed by index > 7. We should limit array access like in previous check at line 221. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/hciattach_tialt.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/hciattach_tialt.c b/tools/hciattach_tialt.c index 520b383a1..4f7fd42a3 100644 --- a/tools/hciattach_tialt.c +++ b/tools/hciattach_tialt.c @@ -221,7 +221,8 @@ int texasalt_init(int fd, int speed, struct termios *ti) ((brf_chip > 7) ? "unknown" : c_brf_chip[brf_chip]), brf_chip); - sprintf(fw, "/etc/firmware/%s.bin", c_brf_chip[brf_chip]); + sprintf(fw, "/etc/firmware/%s.bin", + (brf_chip > 7) ? "unknown" : c_brf_chip[brf_chip]); texas_load_firmware(fd, fw); texas_change_speed(fd, speed); -- 2.35.1