
Commit 2fb303d9 authored by Vasko Kalanoski's avatar Vasko Kalanoski

msm: actuator: fix to prevent kernel heap buffer overflow



Fix to prevent a kernel heap buffer overflow that allows
user-controlled data to be written to the heap via the
msm_camera actuator IOCTLs.

Change-Id: I4458831e28e0081fb2f5ae55506be866100e1b4f
Signed-off-by: default avatarVasko Kalanoski <vaskok@codeaurora.org>
parent 212da487
+10 −2
@@ -79,6 +79,11 @@ static void msm_actuator_parse_i2c_params(struct msm_actuator_ctrl_t *a_ctrl,
	struct msm_camera_i2c_reg_array *i2c_tbl = a_ctrl->i2c_reg_tbl;
	struct msm_camera_i2c_reg_array *i2c_tbl = a_ctrl->i2c_reg_tbl;
	CDBG("Enter\n");
	CDBG("Enter\n");
	for (i = 0; i < size; i++) {
	for (i = 0; i < size; i++) {
		/* check that the index into i2c_tbl cannot grow larger that
		the allocated size of i2c_tbl */
		if ((a_ctrl->total_steps + 1) < (a_ctrl->i2c_tbl_index)) {
			break;
		}
		if (write_arr[i].reg_write_type == MSM_ACTUATOR_WRITE_DAC) {
		if (write_arr[i].reg_write_type == MSM_ACTUATOR_WRITE_DAC) {
			value = (next_lens_position <<
			value = (next_lens_position <<
				write_arr[i].data_shift) |
				write_arr[i].data_shift) |
@@ -464,8 +469,11 @@ static int32_t msm_actuator_init(struct msm_actuator_ctrl_t *a_ctrl,


	a_ctrl->i2c_data_type = set_info->actuator_params.i2c_data_type;
	a_ctrl->i2c_data_type = set_info->actuator_params.i2c_data_type;
	a_ctrl->i2c_client.addr_type = set_info->actuator_params.i2c_addr_type;
	a_ctrl->i2c_client.addr_type = set_info->actuator_params.i2c_addr_type;
	if (set_info->actuator_params.reg_tbl_size <=
		MAX_ACTUATOR_REG_TBL_SIZE) {
		a_ctrl->reg_tbl_size = set_info->actuator_params.reg_tbl_size;
		a_ctrl->reg_tbl_size = set_info->actuator_params.reg_tbl_size;
	if (a_ctrl->reg_tbl_size > MAX_ACTUATOR_REG_TBL_SIZE) {
	} else {
		a_ctrl->reg_tbl_size = 0;
		pr_err("MAX_ACTUATOR_REG_TBL_SIZE is exceeded.\n");
		pr_err("MAX_ACTUATOR_REG_TBL_SIZE is exceeded.\n");
		return -EFAULT;
		return -EFAULT;
	}
	}
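Review bot: The new guard in the loop of msm_actuator_parse_i2c_params breaks only once `i2c_tbl_index` is greater than `total_steps + 1`, so an index equal to `total_steps + 1` still gets through; if `i2c_reg_tbl` holds `total_steps + 1` entries, as the added comment suggests (the allocation is not visible here), that is one element past the end. I would write the test as `if (a_ctrl->i2c_tbl_index >= a_ctrl->total_steps + 1) {`. The check also runs only once per iteration, and the rest of the loop body lies outside the hunk, so it should be confirmed that no single iteration stores more than one entry. Because the function returns void, the `break` silently truncates the table; a `pr_err` before it would make a rejected request visible in the kernel log. In msm_actuator_init the second hunk caps only `reg_tbl_size`; whether `total_steps` is itself bounded before the table is sized cannot be seen from here.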