On Tue, Nov 01, 2011 at 09:08:54PM -0400, Kevin McKinney wrote: > > I was under the impression that the underlying reason for this change > was to retrieve the number of bytes from the hardware; and copy these > bytes to user space. This in turn fixes the information leak. As such, > If we return STATUS_SUCCESS here, the original problem, information > leak, still remains. That is, a 0 is returned instead of the exact > number of bytes from the hardware to copy to > IOCTL_BCM_REGISTER_READ_PRIVATE. > > As it stands now, this function calls usb_control_msg which returns > the exact number of bytes from the hardware. We then return this to be > used by ioctl, IOCTL_BCM_REGISTER_READ_PRIVATE. Please advise. > > Thanks, > Kevin Yeah. You're absolutely right, your patch works correctly, my bad. This is another reason why I hate that you have both retval and Status which are almost but not quite the same. If you named the one that stored bytes "bytes" and the one that had the return value "Status" then this code would look like: return bytes; And it would be obvious you intended to return the number of bytes. regards, dan carpenter
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
