• Dan Carpenter's avatar
    [media] lirc_dev: fixes in lirc_dev_fop_read() · 250f7a5f
    Dan Carpenter authored
    This makes several changes but they're in one function and sort of
    related:
    
    "buf" was leaked on error.  The leak if we try to read an invalid
    length is the main concern because it could be triggered over and
    over.
    
    If the copy_to_user() failed, then the original code returned the
    number of bytes remaining.  read() is supposed to be the opposite way,
    where we return the number of bytes copied.  I changed it to just return
    -EFAULT on errors.
    
    Also I changed the debug output from "-EFAULT" to just "<fail>" because
    it isn't -EFAULT necessarily.  And since we go though that path if the
    length is invalid now, there was another debug print that I removed.
    Signed-off-by: default avatarDan Carpenter <error27@gmail.com>
    Reviewed-by: default avatarJarod Wilson <jarod@redhat.com>
    Acked-by: default avatarJarod Wilson <jarod@redhat.com>
    Signed-off-by: default avatarMauro Carvalho Chehab <mchehab@redhat.com>
    250f7a5f
lirc_dev.c 18 KB