From 515770f0ad5d7cbf6111a2c2ea3d1a28e12343ce Mon Sep 17 00:00:00 2001 From: Andy Shevchenko Date: Thu, 21 Nov 2019 16:02:07 +0200 Subject: [PATCH] fbtft: Fix the initialization from property algorithm When converting to device property API the commit 38fbe8f7ccaa ("fbtft: Make use of device property API") mistakenly placed the reading of the first value inside the loop, that jumps over value after initialization sequence or sleep commands. Move the above mentioned reading outside of the loop to restore correct behaviour. Besides that, we are using pre-increment operation which may lead to out of the boundary access at the end of sequence. Thus, allocate buffer with an additional element at the end to prevent out of the boundary access. Fixes: 38fbe8f7ccaa ("fbtft: Make use of device property API") Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20191121140207.65089-1-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman --- drivers/staging/fbtft/fbtft-core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c index ffb84987dd867..d3e098b41b1a4 100644 --- a/drivers/staging/fbtft/fbtft-core.c +++ b/drivers/staging/fbtft/fbtft-core.c @@ -913,7 +913,7 @@ static int fbtft_init_display_from_property(struct fbtft_par *par) if (count == 0) return -EINVAL; - values = kmalloc_array(count, sizeof(*values), GFP_KERNEL); + values = kmalloc_array(count + 1, sizeof(*values), GFP_KERNEL); if (!values) return -ENOMEM; @@ -926,9 +926,9 @@ static int fbtft_init_display_from_property(struct fbtft_par *par) gpiod_set_value(par->gpio.cs, 0); /* Activate chip */ index = -1; - while (index < count) { - val = values[++index]; + val = values[++index]; + while (index < count) { if (val & FBTFT_OF_INIT_CMD) { val &= 0xFFFF; i = 0; -- 2.39.5