In drivers/mtd/nand/omap2.c:982
if (err_loc[j] < BCH8_ECC_MAX)
dat[byte_pos] ^=
1 << bit_pos;
range of byte_pos is [0,512+13),however range of dat is [0,512).
This discrepancy may lead to an out-of-bounds access when byte_pos exceeds 512, potentially causing undefined behavior or memory corruption.
In drivers/mtd/nand/omap2.c:982
if (err_loc[j] < BCH8_ECC_MAX)
dat[byte_pos] ^=
1 << bit_pos;
range of byte_pos is [0,512+13),however range of dat is [0,512).
This discrepancy may lead to an out-of-bounds access when byte_pos exceeds 512, potentially causing undefined behavior or memory corruption.