On 06/22/18 12:28, Dan Carpenter wrote:
if (count < 1)
return -EFAULT;
- if (buffer && !copy_from_user(tmp, buffer, sizeof(tmp))) {
+ if (buffer && !copy_from_user(tmp, buffer, sizeof(tmp)))
sscanf(tmp, "%u", &g_wait_hiq_empty);
- }
The original code is kind of bad. The NULL check isn't required.
Just for clarification, NULL check refers to checking if buffer != NULL in the
if condition?
if (buffer && !copy_from_user(tmp, buffer, sizeof(tmp)))
~~~~~~
The sscanf call should have error checking. The error code is wrong if
the copy from user fails. The tmp buffer isn't NUL terminated.
if (copy_from_user(tmp, buffer, sizeof(tmp)))
return -EFAULT;
tmp[sizeof(tmp) - 1] = '\0';
if (sscanf(tmp, "%u", &g_wait_hiq_empty) != 1)
return -EINVAL;
return count;
regards,
dan carpenter
Regards,
Michael
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
