On Mon, Jul 17, 2017 at 08:47:25PM -0400, Jacob von Chorus wrote:
> -static void readinfo_bitstream(char *bitdata, char *buf, int *offset)
> +static int readinfo_bitstream(char *bitdata, char *buf, int size, int *offset)
> {
> char tbuf[64];
> s32 len;
> @@ -59,9 +59,15 @@ static void readinfo_bitstream(char *bitdata, char *buf, int *offset)
> read_bitstream(bitdata, tbuf, offset, 2);
>
> len = tbuf[0] << 8 | tbuf[1];
> + if ((len + 1) > size) {
> + pr_err("error: readinfo buffer too small\n");
> + return -ETOOSMALL;
Probably the correct error code is -EINVAL. I should have just said
that in the first email.
regards,
dan carpenter
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
