Hi,
  Sparse pointed me at the following line in ivtv-fileops.c's ivtv_v4l2_write:

    ivtv_write_vbi(itv, (const struct v4l2_sliced_vbi_data *)user_buf, elems);

Now user_buf is a parameter:

    const char __user *user_buf,

so that is losing the __user, and I don't see what else protects
the accesses that ivtv_write_vbi performs.

Is there something that makes this safe?

Dave
--
 -----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert    |       Running GNU/Linux       | Happy  \
\ gro.gilbert @ treblig.org |                               | In Hex /
 \ _________________________|_____ http://www.treblig.org   |_______/
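
Added example (not part of the original message and not the ivtv driver's code): a user-space model of the pattern the question is looking for, where each record is copied out of the caller's memory before anything reads it. The names write_vbi_from_user, handle_line, user_mem and struct sliced_vbi are hypothetical, and copy_from_user is a stub that keeps only the kernel helper's return convention.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define __user            /* sparse address-space marker; expands to nothing here */
#define EFAULT_ERR (-14L) /* value of -EFAULT on Linux */

/* Same layout as struct v4l2_sliced_vbi_data in <linux/videodev2.h>. */
struct sliced_vbi { uint32_t id, field, line, reserved; uint8_t data[48]; };

/* Constructed stand-in for the caller's mapped memory: room for 4 records. */
static struct sliced_vbi user_mem[4];

/* Stub with copy_from_user() semantics: returns the number of bytes NOT copied. */
static unsigned long copy_from_user(void *to, const void __user *from, unsigned long n)
{
    uintptr_t p = (uintptr_t)from, lo = (uintptr_t)user_mem;
    if (p < lo || n > sizeof(user_mem) || p - lo > sizeof(user_mem) - n)
        return n;             /* range not fully inside "user" memory */
    memcpy(to, from, n);
    return 0;
}

/* Hypothetical consumer: it only ever sees the kernel-side copy. */
static void handle_line(const struct sliced_vbi *d, unsigned *active)
{
    if (d->id) (*active)++;
}

/* Returns the number of records consumed, or EFAULT_ERR on a bad range. */
long write_vbi_from_user(const struct sliced_vbi __user *sliced, size_t elems, unsigned *active)
{
    for (size_t i = 0; i < elems; i++) {
        struct sliced_vbi d;  /* snapshot: later user-side changes cannot affect it */
        if (copy_from_user(&d, sliced + i, sizeof(d)))
            return EFAULT_ERR;
        handle_line(&d, active);
    }
    return (long)elems;
}

int main(void)
{
    unsigned active = 0;
    user_mem[1].id = 1;       /* constructed sample: one active line */
    printf("%ld\n", write_vbi_from_user(user_mem, 4, &active));
    printf("%ld\n", write_vbi_from_user(user_mem + 3, 2, &active));
    return 0;
}
```

Because the parameter keeps its __user annotation all the way down to the copy, sparse has nothing to flag, and a range that runs past the caller's memory yields an error instead of a stray dereference.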