Em Mon, 31 Aug 2009 08:52:38 +0200 Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx> escreveu: > > - dereferencing a NULL pointer is not always result segfault, see [1] and > > [2]. So dereferencing a NULL pointer can be treated also as a security > > risk. >From kernelspace drivers POV, any calls sending a NULL pointer should result in an error as soon as possible, to avoid any security risks. Currently, this check is left to the driver, but we should consider implementing such control globally, at video_ioctl2 and at compat32 layer. IMHO, libv4l should mimic the driver behavior of returning an error instead of letting the application to segfault, since, on some critical applications, like video-surveillance security systems, a segfault could be very bad. Cheers, Mauro -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
