On Fri, 5 Sep 2003 17:16:36 -0700 Greg KH <[EMAIL PROTECTED]> wrote: > ChangeSet 1.1119.3.10, 2003/09/05 15:47:40-07:00, [EMAIL PROTECTED] > > [PATCH] USB: fix copy_to_user calls in vicam driver. > > > drivers/usb/vicam.c | 17 ++++++++++------- > 1 files changed, 10 insertions(+), 7 deletions(-) > > > diff -Nru a/drivers/usb/vicam.c b/drivers/usb/vicam.c > --- a/drivers/usb/vicam.c Fri Sep 5 17:10:38 2003 > +++ b/drivers/usb/vicam.c Fri Sep 5 17:10:38 2003 [skip] > @@ -1002,7 +1004,8 @@ > if (count > cam->framebuf_size) > count = cam->framebuf_size; > > - copy_to_user(buf, cam->framebuf, count); > + if (copy_to_user(buf, cam->framebuf, count)) > + return -EFAULT; > > if (count != cam->framebuf_size) > cam->framebuf_read_start = count;
This part of the patch has a bug - up(&cam->busy_lock) must be performed before return. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ [EMAIL PROTECTED] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
