Commit bb2b4542 authored by Roel Kluin's avatar Roel Kluin Committed by Mauro Carvalho Chehab

V4L/DVB (12438): Read buffer overflow

parport[n] is checked before n < MAX_CAMS
Signed-off-by: default avatarRoel Kluin <roel.kluin@gmail.com>
Signed-off-by: default avatarDouglas Schilling Landgraf <dougsland@redhat.com>
Signed-off-by: default avatarMauro Carvalho Chehab <mchehab@redhat.com>
parent 27059b35
...@@ -992,7 +992,7 @@ static int accept_bwqcam(struct parport *port) ...@@ -992,7 +992,7 @@ static int accept_bwqcam(struct parport *port)
if (parport[0] && strncmp(parport[0], "auto", 4) != 0) { if (parport[0] && strncmp(parport[0], "auto", 4) != 0) {
/* user gave parport parameters */ /* user gave parport parameters */
for(n=0; parport[n] && n<MAX_CAMS; n++){ for (n = 0; n < MAX_CAMS && parport[n]; n++) {
char *ep; char *ep;
unsigned long r; unsigned long r;
r = simple_strtoul(parport[n], &ep, 0); r = simple_strtoul(parport[n], &ep, 0);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment