On Sun, Dec 05, 2010 at 12:05:22AM +0300, Vasiliy Kulikov wrote: > 'n' may be bigger than MAX_INT*sizeof(int), if so checking of truncated > (int)(n/sizeof(int)) for LIRCBUF_SIZE overflows and then using nontruncated > 'count' > doesn't make sense. This is not a security issue as too big 'n' is catched in > kmalloc() in memdup_user() call. However, it's better to prevent WARN() in > kmalloc(). > > Signed-off-by: Vasiliy Kulikov <[email protected]>
Now that I have my head out of my arse wrt the actual issue here, the redundancy issue from v1 is resolved, and I've managed a full night's sleep... ;) Acked-by: Jarod Wilson <[email protected]> -- Jarod Wilson [email protected] -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
