[PATCH] idmouse cleanup and overflow fix
switched to simple_read_from_buffer(), killed broken use of min().
Incidentally, that use of min() had been fixed once, only to be
reintroduced in commit 4244f72436
:
[PATCH] USB: upgrade of the idmouse driver
[snip]
- if (count > IMGSIZE - *ppos)
- count = IMGSIZE - *ppos;
+ count = min ((loff_t)count, IMGSIZE - (*ppos));
Note the lovely use of cast to shut the warning about misuse of min()
up...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
32b32c2c35
commit
018a2cdf1e
@ -319,20 +319,8 @@ static ssize_t idmouse_read(struct file *file, char __user *buffer, size_t count
|
||||
return -ENODEV;
|
||||
}
|
||||
|
||||
if (*ppos >= IMGSIZE) {
|
||||
up (&dev->sem);
|
||||
return 0;
|
||||
}
|
||||
|
||||
count = min ((loff_t)count, IMGSIZE - (*ppos));
|
||||
|
||||
if (copy_to_user (buffer, dev->bulk_in_buffer + *ppos, count)) {
|
||||
result = -EFAULT;
|
||||
} else {
|
||||
result = count;
|
||||
*ppos += count;
|
||||
}
|
||||
|
||||
result = simple_read_from_buffer(buffer, count, ppos,
|
||||
dev->bulk_in_buffer, IMGSIZE);
|
||||
/* unlock the device */
|
||||
up(&dev->sem);
|
||||
return result;
|
||||
|
Loading…
Reference in New Issue
Block a user