From f6f02f189354bf3576372611145f670f29e0ba58 Mon Sep 17 00:00:00 2001
From: hathach <thach@tinyusb.org>
Date: Sat, 25 Jan 2025 23:07:34 +0700
Subject: [PATCH] correct offset check logic

---
 examples/device/cdc_msc/src/msc_disk.c          | 8 ++++++--
 examples/device/cdc_msc_freertos/src/msc_disk.c | 9 +++++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/examples/device/cdc_msc/src/msc_disk.c b/examples/device/cdc_msc/src/msc_disk.c
index c1132bbfcb..d325d77fa4 100644
--- a/examples/device/cdc_msc/src/msc_disk.c
+++ b/examples/device/cdc_msc/src/msc_disk.c
@@ -190,10 +190,14 @@ int32_t tud_msc_read10_cb(uint8_t lun, uint32_t lba, uint32_t offset, void* buff
   (void) lun;
 
   // out of ramdisk
-  if ( lba >= DISK_BLOCK_NUM ) return -1;
+  if ( lba >= DISK_BLOCK_NUM ) {
+    return -1;
+  }
 
   // Check for overflow of offset + bufsize
-  if ( offset + bufsize >= DISK_BLOCK_SIZE ) return -1;
+  if ( offset + bufsize > DISK_BLOCK_SIZE ) {
+    return -1;
+  }
 
   uint8_t const* addr = msc_disk[lba] + offset;
   memcpy(buffer, addr, bufsize);
diff --git a/examples/device/cdc_msc_freertos/src/msc_disk.c b/examples/device/cdc_msc_freertos/src/msc_disk.c
index e13c244364..d325d77fa4 100644
--- a/examples/device/cdc_msc_freertos/src/msc_disk.c
+++ b/examples/device/cdc_msc_freertos/src/msc_disk.c
@@ -190,9 +190,14 @@ int32_t tud_msc_read10_cb(uint8_t lun, uint32_t lba, uint32_t offset, void* buff
   (void) lun;
 
   // out of ramdisk
-  if ( lba >= DISK_BLOCK_NUM ) return -1;
+  if ( lba >= DISK_BLOCK_NUM ) {
+    return -1;
+  }
+
   // Check for overflow of offset + bufsize
-  if ( offset + bufsize >= DISK_BLOCK_SIZE ) return -1;
+  if ( offset + bufsize > DISK_BLOCK_SIZE ) {
+    return -1;
+  }
 
   uint8_t const* addr = msc_disk[lba] + offset;
   memcpy(buffer, addr, bufsize);