From: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Date: Mon, 24 Jun 2013 19:05:03 +0300 > If we "cmd == SIOCDEVPRIVATE" then we use data[] without initializing > it. The most common case is that we would return -EOPNOTSUPP. The > other case is that we'd end up reading and writing to randomish places. > This requires CAP_SYS_RAWIO so it's not very bad. > > The fix is to not allow SIOCDEVPRIVATE because it doesn't work. I > returned -EOPNOTSUPP instead of -ENOTTY because that's what is used in > the rest of the file. > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> I think the intention is to only allow SIOCDEVPRIVATE, rather than accept any and all values other than it which are inside of the private ioctl range. The 'cmd' validation is one step, and it determines the interpretation of data[0]. -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
