stm class: Fix an off-by-one in master array allocation

Since both sw_start and sw_end are master indices, the size of array
that holds them is sw_end - sw_start + 1, which the current code gets
wrong, allocating one item less than required.

This patch corrects the allocation size, avoiding potential slab
corruption.

Signed-off-by: Chunyan Zhang <zhang.chunyan@linaro.org>
[alexander.shishkin@linux.intel.com: re-wrote the commit message]
Signed-off-by: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/hwtracing/stm/core.c b/drivers/hwtracing/stm/core.c
index ddcb606acea61c713b0068ab6976ddddd80d0920..40a8b79ab7db4d12cf4313c939ce11cdaf6a7933 100644 (file)
--- a/drivers/hwtracing/stm/core.c
+++ b/drivers/hwtracing/stm/core.c
@@ -618,7 +618,7 @@ int stm_register_device(struct device *parent, struct stm_data *stm_data,
        if (!stm_data->packet || !stm_data->sw_nchannels)
                return -EINVAL;
 
-       nmasters = stm_data->sw_end - stm_data->sw_start;
+       nmasters = stm_data->sw_end - stm_data->sw_start + 1;
        stm = kzalloc(sizeof(*stm) + nmasters * sizeof(void *), GFP_KERNEL);
        if (!stm)
                return -ENOMEM;