On 02/01/13 13:51, Ian Abbott wrote:
On 2012-12-21 16:42, H Hartley Sweeten wrote:
Clarify the check to make sure the number of bytes to allocate is
available.
Signed-off-by: H Hartley Sweeten <hsweeten@xxxxxxxxxxxxxxxxxxx>
Cc: Ian Abbott <abbobbi@xxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/staging/comedi/comedi_buf.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/comedi/comedi_buf.c b/drivers/staging/comedi/comedi_buf.c
index 246f577..1ec5aaa 100644
--- a/drivers/staging/comedi/comedi_buf.c
+++ b/drivers/staging/comedi/comedi_buf.c
@@ -298,10 +298,10 @@ EXPORT_SYMBOL(comedi_buf_read_n_available);
/* allocates a chunk for the reader from filled (and munged) buffer space */
unsigned comedi_buf_read_alloc(struct comedi_async *async, unsigned nbytes)
{
- if ((int)(async->buf_read_alloc_count + nbytes - async->munge_count) >
- 0) {
- nbytes = async->munge_count - async->buf_read_alloc_count;
- }
+ int available = async->munge_count - async->buf_read_alloc_count;
Minor nit-pick: that should be an unsigned int.
+
+ if (nbytes > available)
+ nbytes = available;
async->buf_read_alloc_count += nbytes;
/* barrier insures read of munge_count occurs before we actually read
data out of buffer */
Thinking about this a bit more, I think it's worth skipping any changes
to the buffer space calculations until unsigned integer overflows have
been taken into consideration.
--
-=( Ian Abbott @ MEV Ltd. E-mail: <abbotti@xxxxxxxxx> )=-
-=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=-
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
