RME: fix output fader array overflow.
Human readable output fader volumes are stored in the device setting's
output_faders array. The RME hardware flash interface requires derived
values, which are generated and stored in a separate buffer when needed.
This buffer has 32 elements. The last two elements are not fader values,
but a flag to indicate that MIDI is active (element 30) and a submix number
(element 31). It is suspected that these are for the convience of computer
software and are not used by the RME hardware. FFADO does not make use of
either element. As a result, only 30 fader values were copied between the
flash buffer and the output_faders array. However, this creates a buffer
overflow in the output_faders array, since this is defined to have
RME_FF800_MAX_CHANNELS elements, and RME_FF800_MAX_CHANNELS is 28.
The fix is to use the local "nch" variable as the upper bound on the value
conversion loop rather than a fixed value of 30. Unused flash buffer
elements will be unread or unwritten, which is acceptable since the relevant
flash buffer and fader arrays are always zeroed before use.
This issue was flagged by a QA warning in Gentoo and reported to the
ffado-devel mailing list by Hector Martin, along with the suggested fix.