Using BUG_ON() is discouraged and also the check wasn't done early
enough to prevent an out of bounds access. Check earlier and return
an error instead of calling BUG().
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
drivers/gpio/gpio-nomadik.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/gpio/gpio-nomadik.c b/drivers/gpio/gpio-nomadik.c
index 463a765620dc..5e2f9b51ece3 100644
--- a/drivers/gpio/gpio-nomadik.c
+++ b/drivers/gpio/gpio-nomadik.c
@@ -533,6 +533,11 @@ struct nmk_gpio_chip *nmk_gpio_populate_chip(struct fwnode_handle *fwnode,
}
#ifdef CONFIG_PINCTRL_NOMADIK
+ if (id >= ARRAY_SIZE(nmk_gpio_chips)) {
+ dev_err(dev, "populate: invalid id: %u\n", id);
+ platform_device_put(gpio_pdev);
+ return ERR_PTR(-EINVAL);
+ }
/* Already populated? */
nmk_chip = nmk_gpio_chips[id];
if (nmk_chip) {
@@ -606,7 +611,6 @@ struct nmk_gpio_chip *nmk_gpio_populate_chip(struct fwnode_handle *fwnode,
}
#ifdef CONFIG_PINCTRL_NOMADIK
- BUG_ON(nmk_chip->bank >= ARRAY_SIZE(nmk_gpio_chips));
nmk_gpio_chips[id] = nmk_chip;
#endif
return nmk_chip;
--
2.43.0
