On Wed, 29 May 2013 13:00:02 +0200 Hans Verkuil <hverkuil@xxxxxxxxx> wrote: > From: Hans Verkuil <hans.verkuil@xxxxxxxxx> > > Prevent out-of-range register accesses. Certainly I agree with the goal, and what's here is better than what the driver does now. But... > + if (reg->reg > cam->regs_size - 4) > + return -EINVAL; The alleged size of the MMIO region is likely to be quite a bit larger than the offset of the last real register, and I wouldn't count on the hardware to not lock up if you try to access something beyond that last register. So I'd much rather add a MAX_MCAM_REG_OFFSET define to mcam-core.h after the last register define and test against that. I can try to toss something together shortly. Thanks, jon -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
