In __qbuf_dmabuf(), it checks the length and size of the buffer being queued, like this:

http://lxr.free-electrons.com/source/drivers/media/v4l2-core/videobuf2-core.c#L1158

My question is why the range check is like this:

    if (planes[plane].length < planes[plane].data_offset +
        q->plane_sizes[plane]) {
    .....

Isn't planes[plane].length + planes[plane].data_offset equal to q->plane_sizes[plane]? So the check should be?

    if (planes[plane].length < q->plane_sizes[plane] - planes[plane].data_offset)

Please tell me what I am missing.

Thank you
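The two comparisons from the question, evaluated side by side on constructed values, together with a form that cannot wrap. This is an added example, not part of the original post or of the kernel source. It assumes length is the size of the whole attached buffer, data_offset is where the payload starts inside it, and q->plane_sizes[plane] (min_size here) is the minimum payload size; struct plane_req and rejects_no_wrap() are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the three 32-bit unsigned values being compared. */
struct plane_req {
    uint32_t length;      /* assumed: total size of the attached buffer */
    uint32_t data_offset; /* assumed: start of the payload inside it */
    uint32_t min_size;    /* assumed: q->plane_sizes[plane] */
};

/* Form quoted from videobuf2-core.c: reject if length < data_offset + min_size. */
static bool rejects_quoted(const struct plane_req *p)
{
    return p->length < p->data_offset + p->min_size; /* sum wraps mod 2^32 */
}

/* Form proposed in the question: reject if length < min_size - data_offset. */
static bool rejects_proposed(const struct plane_req *p)
{
    return p->length < p->min_size - p->data_offset; /* wraps if offset > min_size */
}

/* Hypothetical rewrite of the quoted test using only subtractions that cannot wrap. */
static bool rejects_no_wrap(const struct plane_req *p)
{
    return p->data_offset > p->length ||
           p->length - p->data_offset < p->min_size;
}

int main(void)
{
    const struct plane_req t[] = {   /* constructed sample values */
        { 4096, 1024, 4096 },        /* only 3072 bytes remain after the offset */
        { 8192, 4096, 1024 },        /* 4096 bytes remain, 1024 needed */
        { 4096, 0xFFFFF000u, 8192 }, /* offset + min_size exceeds 2^32 */
    };
    puts("length     offset     min_size   quoted proposed no_wrap");
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%-10u 0x%08x %-10u %-6d %-8d %d\n",
               (unsigned)t[i].length, (unsigned)t[i].data_offset,
               (unsigned)t[i].min_size, rejects_quoted(&t[i]),
               rejects_proposed(&t[i]), rejects_no_wrap(&t[i]));
    return 0;
}
```

Each column prints 1 when that form rejects the buffer. The third row uses extreme constructed values only to show the 32-bit wrap of the sum; whether such values can reach this check is not visible from the quoted lines.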