> This code dereferences user supplied pointers directly instead of doing > a copy_from_user(). Some kernel configs put user and kernel memory in > different address spaces so this code isn't portable. Also the user > memory could be swapped out or in this case the pointer could just be > NULL leading to an oops. > > Another thing is that it makes permission tests like this sort of > meaningless. > if (minor == STREAM_MODULE && rec_mute->stream_id == 0) { > retval = -EPERM; > break; > } > The user could set stream_id to 1 for the test and then change it later. > > Signed-off-by: Dan Carpenter <error27@xxxxxxxxx> Acked-by: Vinod Koul <vinod.koul@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html