On Thu, Sep 19, 2013 at 11:45:46PM +0200, Thomas Meyer wrote: > sizeof when applied to a pointer typed expression gives the size of the > pointer. > Found by coccinelle spatch "misc/noderef.cocci" > When you're writing the changelog for these it helps if you say how many bytes sizeof(*data) is. In this case, we have gone from clearing 8 bytes to clearing 1 byte so the original code had a potential memory corruption bug. > Signed-off-by: Thomas Meyer <thomas@xxxxxxxx> > --- > > diff -u -p a/drivers/staging/rtl8188eu/core/rtw_mp.c b/drivers/staging/rtl8188eu/core/rtw_mp.c > --- a/drivers/staging/rtl8188eu/core/rtw_mp.c > +++ b/drivers/staging/rtl8188eu/core/rtw_mp.c > @@ -907,7 +907,7 @@ u32 mp_query_psd(struct adapter *pAdapte > sscanf(data, "pts =%d, start =%d, stop =%d", &psd_pts, &psd_start, &psd_stop); > } > > - _rtw_memset(data, '\0', sizeof(data)); > + _rtw_memset(data, '\0', sizeof(*data)); I think your fix is correct but it would be better to remove the memset and do: data[0] = '\0'; "data" is a u8 pointer, but it should obviously be a char pointer. The original code here is not high quality. :P regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
