staging/slicoss: Fix buffer possible overflow in slic_card_locate

smatch complains about a possible buffer overflow
slicoss.c:3651 slic_card_locate() error: buffer overflow
'physcard->adapter' 4 <= 4

If the for loop is not exited prematurely i++ is executed after the last
iteration and thus i can be 4, which is out of bounds for
physcard->adapter.

-> Add check for this condition and simplify the if statement by
inverting the condition.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/slicoss/slicoss.c b/drivers/staging/slicoss/slicoss.c
index fc085856c027e3006fa89f25e1161194315e817c..48056bf910b3d02617a738a255cea85b8a58353f 100644 (file)
--- a/drivers/staging/slicoss/slicoss.c
+++ b/drivers/staging/slicoss/slicoss.c
@@ -3643,11 +3643,12 @@ static u32 slic_card_locate(struct adapter *adapter)
 
        while (physcard) {
                for (i = 0; i < SLIC_MAX_PORTS; i++) {
-                       if (!physcard->adapter[i])
-                               continue;
-                       else
+                       if (physcard->adapter[i])
                                break;
                }
+               if (i == SLIC_MAX_PORTS)
+                       break;
+
                if (physcard->adapter[i]->slotnumber == adapter->slotnumber)
                        break;
                physcard = physcard->next;