msm: vidc: avoid OOB write while accessing memory

/* Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.

/* Copyright (c) 2012-2020, The Linux Foundation. All rights reserved.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 and

	return;

}

static void __process_sys_error(struct venus_hfi_device *device)

static void print_sfr_message(struct venus_hfi_device *device)

{

	struct hfi_sfr_struct *vsfr = NULL;

	u32 vsfr_size = 0;

	void *p = NULL;

	/* Once SYS_ERROR received from HW, it is safe to halt the AXI.

	 * With SYS_ERROR, Venus FW may have crashed and HW might be

	vsfr = (struct hfi_sfr_struct *)device->sfr.align_virtual_addr;

	if (vsfr) {

		void *p = memchr(vsfr->rg_data, '\0', vsfr->bufSize);

		/* SFR isn't guaranteed to be NULL terminated

		   since SYS_ERROR indicates that Venus is in the

		   process of crashing.*/

		vsfr_size = vsfr->bufSize - sizeof(u32);

		p = memchr(vsfr->rg_data, '\0', vsfr_size);

		/* SFR isn't guaranteed to be NULL terminated */

		if (p == NULL)

			vsfr->rg_data[vsfr->bufSize - 1] = '\0';

			vsfr->rg_data[vsfr_size - 1] = '\0';

		dprintk(VIDC_ERR, "SFR Message from FW: %s\n",

				vsfr->rg_data);

	}

	if (device->intr_status & VIDC_WRAPPER_INTR_CLEAR_A2HWD_BMSK) {

		struct hfi_sfr_struct *vsfr = (struct hfi_sfr_struct *)

			device->sfr.align_virtual_addr;

		struct msm_vidc_cb_info info = {

			.response_type = HAL_SYS_WATCHDOG_TIMEOUT,

			.response.cmd = {

			}

		};

		if (vsfr)

			dprintk(VIDC_ERR, "SFR Message from FW: %s\n",

					vsfr->rg_data);

		print_sfr_message(device);

		dprintk(VIDC_ERR, "Received watchdog timeout\n");

		packets[packet_count++] = info;

		/* Process the packet types that we're interested in */

		switch (info->response_type) {

		case HAL_SYS_ERROR:

			__process_sys_error(device);

			print_sfr_message(device);

			break;

		case HAL_SYS_RELEASE_RESOURCE_DONE:

			dprintk(VIDC_DBG, "Received SYS_RELEASE_RESOURCE\n");