On Wed, 2015-11-04 at 16:26 +0300, Dan Carpenter wrote: > Smatch complains about a possible out of bounds error: > > drivers/vfio/pci/vfio_pci_config.c:1241 vfio_cap_init() > error: buffer overflow 'pci_cap_length' 20 <= 20 > > Fix this by making the array larger. > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > diff --git a/drivers/vfio/pci/vfio_pci_config.c b/drivers/vfio/pci/vfio_pci_config.c [] > @@ -46,7 +46,7 @@ > * 0: Removed from the user visible capability list > * FF: Variable length > */ > -static u8 pci_cap_length[] = { > +static u8 pci_cap_length[PCI_CAP_ID_MAX + 1] = { > [PCI_CAP_ID_BASIC] = PCI_STD_HEADER_SIZEOF, /* pci config header */ > [PCI_CAP_ID_PM] = PCI_PM_SIZEOF, > [PCI_CAP_ID_AGP] = PCI_AGP_SIZEOF, Doesn't the same thing happen with pci_ext_cap_length? Both array declarations might be better as const. -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html