From: Jarod Wilson <jarod@redhat.com>
To: Dan Carpenter <error27@gmail.com>
Cc: Mauro Carvalho Chehab <mchehab@infradead.org>,
Zimny Lech <napohybelskurwysynom2010@gmail.com>,
linux-media@vger.kernel.org, kernel-janitors@vger.kernel.org
Subject: Re: [patch 3/3] [media] lirc_dev: fixes in lirc_dev_fop_read()
Date: Wed, 17 Nov 2010 20:23:58 +0000 [thread overview]
Message-ID: <20101117202358.GD24814@redhat.com> (raw)
In-Reply-To: <20101117052015.GF31724@bicker>
On Wed, Nov 17, 2010 at 08:20:15AM +0300, Dan Carpenter wrote:
> This makes several changes but they're in one function and sort of
> related:
>
> "buf" was leaked on error. The leak if we try to read an invalid
> length is the main concern because it could be triggered over and
> over.
>
> If the copy_to_user() failed, then the original code returned the
> number of bytes remaining. read() is supposed to be the opposite way,
> where we return the number of bytes copied. I changed it to just return
> -EFAULT on errors.
>
> Also I changed the debug output from "-EFAULT" to just "<fail>" because
> it isn't -EFAULT necessarily. And since we go though that path if the
> length is invalid now, there was another debug print that I removed.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Looks good, thanks much.
Reviewed-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
--
Jarod Wilson
jarod@redhat.com
WARNING: multiple messages have this Message-ID (diff)
From: Jarod Wilson <jarod@redhat.com>
To: Dan Carpenter <error27@gmail.com>
Cc: Mauro Carvalho Chehab <mchehab@infradead.org>,
Zimny Lech <napohybelskurwysynom2010@gmail.com>,
linux-media@vger.kernel.org, kernel-janitors@vger.kernel.org
Subject: Re: [patch 3/3] [media] lirc_dev: fixes in lirc_dev_fop_read()
Date: Wed, 17 Nov 2010 15:23:58 -0500 [thread overview]
Message-ID: <20101117202358.GD24814@redhat.com> (raw)
In-Reply-To: <20101117052015.GF31724@bicker>
On Wed, Nov 17, 2010 at 08:20:15AM +0300, Dan Carpenter wrote:
> This makes several changes but they're in one function and sort of
> related:
>
> "buf" was leaked on error. The leak if we try to read an invalid
> length is the main concern because it could be triggered over and
> over.
>
> If the copy_to_user() failed, then the original code returned the
> number of bytes remaining. read() is supposed to be the opposite way,
> where we return the number of bytes copied. I changed it to just return
> -EFAULT on errors.
>
> Also I changed the debug output from "-EFAULT" to just "<fail>" because
> it isn't -EFAULT necessarily. And since we go though that path if the
> length is invalid now, there was another debug print that I removed.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Looks good, thanks much.
Reviewed-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
--
Jarod Wilson
jarod@redhat.com
next prev parent reply other threads:[~2010-11-17 20:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-17 5:20 [patch 3/3] [media] lirc_dev: fixes in lirc_dev_fop_read() Dan Carpenter
2010-11-17 5:20 ` Dan Carpenter
2010-11-17 20:23 ` Jarod Wilson [this message]
2010-11-17 20:23 ` Jarod Wilson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101117202358.GD24814@redhat.com \
--to=jarod@redhat.com \
--cc=error27@gmail.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=mchehab@infradead.org \
--cc=napohybelskurwysynom2010@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.