misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()

Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case")
added NO_BAR (-1) to the pci_barno enum which, in practical terms,
changes the enum from an unsigned int to a signed int.  If the user
passes a negative number in pci_endpoint_test_ioctl() then it results in
an array underflow in pci_endpoint_test_bar().

Fixes: eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Manivannan Sadhasivam <mani@kernel.org>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Link: https://patch.msgid.link/aIzzZ4vc6ZrmM9rI@suswa

diff --git a/drivers/misc/pci_endpoint_test.c b/drivers/misc/pci_endpoint_test.c
index 1c156a3f845e112ed7f658acdf7aae1bc44290ed..f935175d8bf5505ea63320a0df48d6063c47f11d 100644 (file)
--- a/drivers/misc/pci_endpoint_test.c
+++ b/drivers/misc/pci_endpoint_test.c
@@ -937,7 +937,7 @@ static long pci_endpoint_test_ioctl(struct file *file, unsigned int cmd,
        switch (cmd) {
        case PCITEST_BAR:
                bar = arg;
-               if (bar > BAR_5)
+               if (bar <= NO_BAR || bar > BAR_5)
                        goto ret;
                if (is_am654_pci_dev(pdev) && bar == BAR_0)
                        goto ret;