Hi Samuel,
I had some questions about the patch e65b0f46edfd: "NFC: Fragment LLCP I
frames" from Mar 5, 2012.
net/nfc/llcp/commands.c
+ while (remaining_len > 0) {
+
+ frag_len = min_t(u16, local->remote_miu, remaining_len);
^^^
This should be a cast to size_t. Otherwise for a large value of
remaining_len we'd loop until we hit an allocation failure with
pdu = llcp_allocate_pdu();
- sk = &sock->sk;
- lock_sock(sk);
+ pr_debug("Fragment %zd bytes remaining %zd",
+ frag_len, remaining_len);
- nfc_llcp_queue_i_frames(sock);
+ pdu = llcp_allocate_pdu(sock, LLCP_PDU_I,
+ frag_len + LLCP_SEQUENCE_SIZE);
+ if (pdu == NULL)
+ return -ENOMEM;
+
+ skb_put(pdu, LLCP_SEQUENCE_SIZE);
+
+ memcpy(skb_put(pdu, frag_len), msg_ptr, frag_len);
+
+ skb_queue_head(&sock->tx_queue, pdu);
+
+ lock_sock(sk);
+
+ nfc_llcp_queue_i_frames(sock);
+
+ release_sock(sk);
+
+ remaining_len -= frag_len;
+ msg_ptr += len;
Shouldn't this be msg_ptr += frag_len?
+ }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
