ais: match type to avoid array overflow

Fix buffer overflow and array index out of bounds cases. Because size of int(32bits) unequal to size of long(64bits). Change-Id: I45a70ec5b6926698bb444fc78f85785bc4a25ea5 Signed-off-by: Andy Sun <bins@codeaurora.org>
author: Andy Sun <bins@codeaurora.org> 2018-03-06 16:16:39 +0800
committer: Andy Sun <bins@codeaurora.org> 2018-03-06 16:16:46 +0800
commit: eed92b4a0f8f5b79e294e909f27aed47112dd748 (patch)
tree: 60607e65fa14e4b61e5331cf6c6a34cb3ba265f0
parent: a337c17cebeadebddd57cfae9d7953567969be06 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/media/platform/msm/ais/camera/camera.c b/drivers/media/platform/msm/ais/camera/camera.c
index afba7386a82b..353b74794bc8 100644
--- a/drivers/media/platform/msm/ais/camera/camera.c
+++ b/drivers/media/platform/msm/ais/camera/camera.c
@@ -550,7 +550,7 @@ static int camera_v4l2_fh_open(struct file *filep)
 {
 	struct msm_video_device *pvdev = video_drvdata(filep);
 	struct camera_v4l2_private *sp;
-	unsigned int stream_id;
+	unsigned long stream_id;
 
 	sp = kzalloc(sizeof(*sp), GFP_KERNEL);
 	if (!sp)
@@ -627,7 +627,7 @@ static int camera_v4l2_open(struct file *filep)
 	int rc = 0;
 	struct v4l2_event event;
 	struct msm_video_device *pvdev = video_drvdata(filep);
-	unsigned int opn_idx, idx;
+	unsigned long opn_idx, idx;
 
 	if (WARN_ON(!pvdev))
 		return -EIO;
author	Andy Sun <bins@codeaurora.org>	2018-03-06 16:16:39 +0800
committer	Andy Sun <bins@codeaurora.org>	2018-03-06 16:16:46 +0800
commit	eed92b4a0f8f5b79e294e909f27aed47112dd748 (patch)
tree	60607e65fa14e4b61e5331cf6c6a34cb3ba265f0
parent	a337c17cebeadebddd57cfae9d7953567969be06 (diff)