On Wed, Nov 24, 2021 at 12:33:20PM -0800, Todd Kjos wrote: > I agree -- if copy_from_user() for some reason doesn't copy the whole > buffer, it might return a positive integer. Then it would skip > binder_translate_fd(), but not return. That should probably be > something like: > > if (ret) > return ret > 0 ? -EINVAL : ret; > > Will fix in next version. It should really be a separate patch at the start of the series because it's from the original code and unrelated. regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
