crypto: qat/qat_4xxx - fix off by one in uof_get_name()

[ Upstream commit 475b5098043eef6e72751aadeab687992a5b63d1 ] The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read. Fixes: 10484c647a ("crypto: qat - refactor fw config logic for 4xxx") Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>
2026-06-09 04:10:18 +09:00 · 2024-09-28 13:05:08 +03:00
parent 2a064b788d
commit 05c9a7a534
1 changed files with 1 additions and 1 deletions
--- a/drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c
+++ b/drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c
@@ -473,7 +473,7 @@ static const char *uof_get_name(struct adf_accel_dev *accel_dev, u32 obj_num,
 	else
 		id = -EINVAL;

-	if (id < 0 || id > num_objs)
+	if (id < 0 || id >= num_objs)
 		return NULL;

 	return fw_objs[id];