Hi,
Sparse pointed me at the following line in ivtv-fileops.c's ivtv_v4l2_write:
ivtv_write_vbi(itv, (const struct v4l2_sliced_vbi_data
*)user_buf, elems);
Now user_buf is a parameter:
const char __user *user_buf,
so that is losing the __user, and I don't see what else protects
the accesses that ivtv_write_vbi performs.
Is there something that makes this safe?
Dave
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux | Happy \
\ gro.gilbert @ treblig.org | | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
_______________________________________________
ivtv-devel mailing list
[email protected]
http://ivtvdriver.org/mailman/listinfo/ivtv-devel
