Le Samedi 24 Juin 2006 20:11, Al Viro a écrit :
> On Sat, Jun 24, 2006 at 10:38:37AM -0700, Greg KH wrote:
> > Ugh, ok, I went back and forth with Andrew on this, before I took it.
> > Andrew, any objections to reverting this now?
>
> Also spelled as "Andrew, could you please RTFS?"
>
> When we have
>
> struct foo {
> <something>
> struct bar array[0];
> };
> struct foo *p;
>
> then p->array does _not_ dereference p; it is equivalent to
>
> (struct bar *)((char *)p + offsetof(struct foo, array))
>
> and, for pointer to userland (header + variable-sized array), it will
> give us exactly what we want; namely, pointer to the beginning of
> userland array.
>
> I really wonder what the fsck had inspired the original "report" -
> definitely not sparse. "Fixed" version, OTOH, does trigger sparse warnings
> with -Wcast-to-as; deservedly so, since we cast pointer to on-stack object
> to __user pointer. That alone should've been sufficient indicator of
> something bogus going on. Quick look at the function we pass it to would
> show that it does copy_from_user() from that argument, i.e. it really
> doesn't make any sense to give it address of something in kernel stack.
> Sigh...
Thanks for the detailed explanations. When I opened the bugreport I didn't
realized that p->array wasn't a dereference but simply an offest calculation.
I should reread my C book and think twice before patching the kernel.
I apologize to have bothered everybody involved with this broken patch. I must
admit it was not tested since I don't own an USB device with an isochronous
endpoint.
Regards,
Philippe
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
[email protected]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
