On Thu, 2015-05-21 at 13:46 +0100, Rob Taylor wrote: > On 21/05/15 06:58, Hans Verkuil wrote: > > On 05/20/2015 06:39 PM, William Towle wrote: > >> Fill in bus_info field and zero reserved field. > >> > >> Signed-off-by: Rob Taylor <rob.taylor@xxxxxxxxxxxxxxx> > >> Reviewed-by: William Towle <william.towle@xxxxxxxxxxxxxxx> > >> --- > >> drivers/media/platform/soc_camera/soc_camera.c | 2 ++ > >> 1 file changed, 2 insertions(+) > >> > >> diff --git a/drivers/media/platform/soc_camera/soc_camera.c b/drivers/media/platform/soc_camera/soc_camera.c > >> index fd7497e..583c5e6 100644 > >> --- a/drivers/media/platform/soc_camera/soc_camera.c > >> +++ b/drivers/media/platform/soc_camera/soc_camera.c > >> @@ -954,6 +954,8 @@ static int soc_camera_querycap(struct file *file, void *priv, > >> WARN_ON(priv != file->private_data); > >> > >> strlcpy(cap->driver, ici->drv_name, sizeof(cap->driver)); > >> + strlcpy(cap->bus_info, "platform:soc_camera", sizeof(cap->bus_info)); > >> + memset(cap->reserved, 0, sizeof(cap->reserved)); > > > > Why the memset? That shouldn't be needed. > > v4l2-complience complained it wasn't zero (v4l2-compliance.cpp:308 in > v4l-utils v1.6.2 [1]) I'm puzzled by that. Isn't this function called by v4l_querycap(), which is called by video_usercopy()? And video_usercopy() zeroes the entire structure before doing so, or at least it appears to be intended to. Anyway, if we're failing to initialise kernel memory that's copied to user-space, that's a (usually minor) security issue and the fix ought to be cc'd to stable. Ben. -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
