On Mon, 24 Dec 2018 09:42:48 +0100, huang.zijiang wrote: > > From: "huang.zijiang" <huang.zijiang@xxxxxxxxxx> > > kmemdup has implemented the function that kmalloc() and memcpy(). > > Signed-off-by: huang.zijiang <huang.zijiang@xxxxxxxxxx> > --- > sound/pci/emu10k1/emufx.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/sound/pci/emu10k1/emufx.c b/sound/pci/emu10k1/emufx.c > index 6ebe817..b4fe4c5 100644 > --- a/sound/pci/emu10k1/emufx.c > +++ b/sound/pci/emu10k1/emufx.c > @@ -671,10 +671,9 @@ static unsigned int *copy_tlv(const unsigned int __user *_tlv, bool in_kernel) > return NULL; > if (data[1] >= MAX_TLV_SIZE) > return NULL; > - tlv = kmalloc(data[1] + sizeof(data), GFP_KERNEL); > + tlv = kmemdup(data, data[1] + sizeof(data), GFP_KERNEL); > if (!tlv) > return NULL; > - memcpy(tlv, data, sizeof(data)); These changes are not equivalent, and rather dangerous, unfortunately. The memcpy() performs only for sizeof(data), and in this case, it's not the same size as the allocation above. thanks, Takashi _______________________________________________ Alsa-devel mailing list Alsa-devel@xxxxxxxxxxxxxxxx http://mailman.alsa-project.org/mailman/listinfo/alsa-devel