From ada155f04184f09ed6972ac7bbe86205422275e0 Mon Sep 17 00:00:00 2001
From: VijayaKumar T M <vtmuni@codeaurora.org>
Date: Wed, 4 Jan 2017 13:12:38 +0530
Subject: msm-camera: Addressing possible overflow conditions

Changes to address possible integer overflow and incorrect
array indexing conditions.

CRs-Fixed: 897259
Change-Id: Ib134320cd6f7b34d7a10572ec347ec12127049a9
Signed-off-by: Trilokesh Rangam <tranga@codeaurora.org>
Signed-off-by: Yang Guang <guyang@codeaurora.org>
Signed-off-by: VijayaKumar T M <vtmuni@codeaurora.org>
---
 drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_io_util.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_io_util.c b/drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_io_util.c
index 41c784a..ffd1f1e 100644
--- a/drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_io_util.c
+++ b/drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_io_util.c
@@ -253,6 +253,12 @@ int msm_camera_config_vreg(struct device *dev, struct camera_vreg_t *cam_vreg,
 		pr_err("%s:%d vreg sequence invalid\n", __func__, __LINE__);
 		return -EINVAL;
 	}
+
+	if (cam_vreg == NULL) {
+		pr_err("%s:%d cam_vreg sequence invalid\n", __func__, __LINE__);
+		return -EINVAL;
+	}
+
 	if (!num_vreg_seq)
 		num_vreg_seq = num_vreg;
 
-- 
cgit v1.1