mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

firewire: cdev: extend transaction payload size check 

Make the size check of ioctl_send_request and
ioctl_send_broadcast_request speed dependent.  Also change the error
return code from -EINVAL to -EIO to distinguish this from other errors
concerning the ioctl parameters.

Another payload size limit for which we don't check here though is the
remote node's Bus_Info_Block.max_rec.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
This commit is contained in:
Stefan Richter 2009-01-04 16:23:29 +01:00
parent 1566f3dc3e
commit 5d3fd692a7
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
drivers/firewire/fw-cdev.c
View File

@ -525,9 +525,8 @@ static int init_request(struct client *client,
struct outbound_transaction_event *e;
int ret;
/* What is the biggest size we'll accept, really? */
if (request->length > 4096)
return -EINVAL;
if (request->length > 4096 || request->length > 512 << speed)
return -EIO;
e = kmalloc(sizeof(*e) + request->length, GFP_KERNEL);
if (e == NULL)