From bbd562d717a84c6464211e8bd5efa0d9e25edc6d Mon Sep 17 00:00:00 2001
From: Wim Van Sebroeck <wim@iguana.be>
Date: Mon, 21 Feb 2011 10:52:43 +0000
Subject: [PATCH] watchdog: cpwd: Fix buffer-overflow

cppcheck-1.47 reports:
[drivers/watchdog/cpwd.c:650]: (error) Buffer access out-of-bounds: p.devs

The source code is
	for (i = 0; i < 4; i++) {
		misc_deregister(&p->devs[i].misc);

where devs is defined as WD_NUMDEVS big and WD_NUMDEVS is equal to 3.
So the 4 should be a 3 or WD_NUMDEVS.

Reported-By: David Binderman
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
---
 drivers/watchdog/cpwd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/watchdog/cpwd.c b/drivers/watchdog/cpwd.c
index eca855a55c0..3de4ba0260a 100644
--- a/drivers/watchdog/cpwd.c
+++ b/drivers/watchdog/cpwd.c
@@ -646,7 +646,7 @@ static int __devexit cpwd_remove(struct platform_device *op)
 	struct cpwd *p = dev_get_drvdata(&op->dev);
 	int i;
 
-	for (i = 0; i < 4; i++) {
+	for (i = 0; i < WD_NUMDEVS; i++) {
 		misc_deregister(&p->devs[i].misc);
 
 		if (!p->enabled) {
-- 
2.39.2