Hi Dan, On Tue, Nov 8, 2011 at 1:08 AM, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote: > Your patch to IOCTL_BCM_REGISTER_READ_PRIVATE fixed some real > security problems, but there aren't any here in the original code > that I can see. > > It's true that the usb_control_msg() can only handle a USHRT_MAX so > if you passed in a value greater than that, you might get an > unexpected return value. But that's the only problem I see here. > > If IoBuffer.OutputLength then it will pass zero bytes back to the > user and report success. This is actually pretty common in the > kernel... > > On the other hand, this patch make IOCTL_BCM_EEPROM_REGISTER_READ and > IOCTL_BCM_REGISTER_READ_PRIVATE symetric and it does fix a return > value bug. So it would probably be fine to merge it as a cleanup > patch. Maybe you could resend it with a different changelog? > Sure, I will resend with a different changelog. Thanks, Kevin _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
