Search Linux Wireless

Re: [PATCH] staging: wilc1000: Process WARN, INFO options of debug levels from user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 12, 2015 at 11:05:58PM +0530, Chandra S Gorentla wrote:
> -	if (copy_from_user(buffer, buf, count)) {
> +	ret = simple_write_to_buffer(buffer, sizeof(buffer), ppos, buf, count);

This part doesn't make sense.  Use copy_from_user().  Also it's not NUL
terminated so it leads to a read past the end of the array later.  In
the original code, we just looked at the first char and didn't use
kstrtoint() so we didn't care about NUL termination.

regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux