[PATCH 2/3] staging:iio:kfifo_buf: Fix potential buffer overflow in iio_read_first_n_kfifo
Greg KH
greg at kroah.com
Thu Dec 8 20:17:22 UTC 2011
On Thu, Dec 08, 2011 at 06:35:52PM +0100, Lars-Peter Clausen wrote:
> n is the number of bytes to read, not the number of samples. So if there is
> enough data available we will write to the userspace buffer beyond its bounds.
> Fix this by copying n bytes maximum. Also round n down to the next multiple of
> the sample size, so we will only read complete samples. If the buffer is too
> small to hold at least one sample return -EINVAL.
>
> Also update the documentation of read_first_n to reflect the fact that 'n' is
> supposed to be in bytes and not in samples.
>
> Acked-by: Jonathan Cameron <jic23 at kernel.org>
> Signed-off-by: Lars-Peter Clausen <lars at metafoo.de>
> ---
> drivers/staging/iio/buffer.h | 2 +-
This patch no longer applies to my tree, care to refresh it and resend
it?
thanks,
greg k-h
More information about the devel
mailing list