Hi Hans and Dan Carpenter,

On 03/26/2013 04:18 PM, Hans Verkuil wrote:
> On Tue March 26 2013 08:35:57 Dan Carpenter wrote:
>> On Tue, Mar 26, 2013 at 10:04:15AM +0300, Dan Carpenter wrote:
>>> On Tue, Mar 26, 2013 at 02:42:47PM +0800, Wei Yongjun wrote:
>>>> From: Wei Yongjun <yongjun_wei@xxxxxxxxxxxxxxxxx>
>>>>
>>>> sizeof() when applied to a pointer typed expression gives the
>>>> size of the pointer, not that of the pointed data.
>>>>
>>> This fix isn't right. "buf" is a char pointer. I don't know what
>>> this code is doing. Instead of sizeof(*buf) it should be something
>>> like "buflen", "msg[i].len", "msg[i].len + 1" or "msg[i].len + 3".
>> It should be "msg[i].len + 1", I think.
> Yes, that's correct.
>
> 'buf' used to be a local array, so the memset was fine. I changed it to an
> array that was kmalloc()ed but forgot about the memset. I never noticed
> the bug because the sizeof the message is typically quite small, certainly
> smaller than sizeof(pointer) on a 64-bit system.
>
> Wei Yongjun, can you post a new patch fixing this?

Thanks very much, I will send the v2 of this patch soon.

Regards,
Yongjun
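
The three memset lengths discussed in this thread, compared in an added userspace example (not code from the driver or from either version of the patch). It assumes the buffer is allocated with `msg_len + 1` bytes, uses `malloc()` in place of `kmalloc()`, and all names in it are hypothetical. The overrun is only measured, never written.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum clear_mode { SIZEOF_PTR, SIZEOF_DEREF, MSG_LEN_PLUS_1 };

struct clear_result {
    size_t stale;   /* bytes of the buffer left uncleared */
    size_t overrun; /* bytes the memset would write past the allocation */
};

/* Userspace model: msg_len stands in for msg[i].len (assumed alloc: len + 1). */
struct clear_result clear_buf(size_t msg_len, enum clear_mode mode)
{
    struct clear_result r = { 0, 0 };
    size_t alloc = msg_len + 1;
    unsigned char *buf = malloc(alloc);
    size_t n, i;

    if (!buf)
        return r;
    memset(buf, 0xAA, alloc);            /* simulate stale heap contents */

    switch (mode) {
    case SIZEOF_PTR:   n = sizeof(buf);  break; /* size of the pointer itself */
    case SIZEOF_DEREF: n = sizeof(*buf); break; /* one element: always 1 */
    default:           n = alloc;        break; /* the length actually allocated */
    }
    if (n > alloc) {                     /* record the overrun, do not perform it */
        r.overrun = n - alloc;
        n = alloc;
    }
    memset(buf, 0, n);

    for (i = 0; i < alloc; i++)          /* count bytes the memset missed */
        if (buf[i] != 0)
            r.stale++;
    free(buf);
    return r;
}

int main(void)
{
    struct clear_result r = clear_buf(31, SIZEOF_PTR);
    printf("sizeof(buf): %zu stale, %zu overrun\n", r.stale, r.overrun);
    return 0;
}
```

When `buf` was a local array, `sizeof(buf)` was the array size, which is why the same expression was correct before the conversion to a heap allocation.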