[PATCH 1/2] Fix possible array bound violation for insanely long dives

Linus Torvalds torvalds at linux-foundation.org
Sun Nov 11 06:07:15 PST 2012


From: Linus Torvalds <torvalds at linux-foundation.org>
Date: Sun, 11 Nov 2012 14:51:33 +0100
Subject: [PATCH 1/2] Fix possible array bound violation for insanely long dives

When we calculate the interval for the tick-marks for the dive, we need
to limit 'i' to be within the size of the array.  The code does that
with a "i < 8" check, but the fact is, we must never increment past the
last entry, which is 7 (the size of the array is 8, but the last valid
index is 7).

This only happens for unrealistically long dives.  Which you can trigger
either by inputting insane values for a manually created dive, or by
merging two dives that are consecutive, but not close to each other
time-wise (eg on different days ;)

Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
---
 profile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/profile.c b/profile.c
index c8ce440d6917..700f5d08a6ba 100644
--- a/profile.c
+++ b/profile.c
@@ -910,7 +910,7 @@ static void plot_depth_profile(struct graphics_context *gc, struct plot_info *pi
 	 * we double the interval if this still doesn't get us to 12 or fewer
 	 * time markers */
 	i = 0;
-	while (maxtime / increments[i] > 12 && i < 8)
+	while (maxtime / increments[i] > 12 && i < 7)
 		i++;
 	incr = increments[i];
 	while (maxtime / incr > 12)
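Review bot: the new bound in the first `while` is the bare literal 7, which stays correct only while `increments` has exactly 8 entries, and that declaration is not in this hunk. Deriving the limit from the array itself, for example `i < sizeof(increments) / sizeof(increments[0]) - 1`, would keep the loop from walking past the last entry again if an interval is ever added or removed. It would also be more robust to test the index first, `i < 7 && maxtime / increments[i] > 12`, so that `increments[i]` is never read before the bound has been checked. With the loop now stopping at the last entry, the following `while (maxtime / incr > 12)` is what handles the very long dives described in the commit message; a short comment saying so would help the next reader.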
-- 
1.8.0


