On Sun, Apr 19, 2015 at 05:54:19PM -0700, Joe Perches wrote: > > diff --git a/drivers/staging/dgnc/dgnc_mgmt.c > > b/drivers/staging/dgnc/dgnc_mgmt.c > > index b13318a..0437117 100644 > > --- a/drivers/staging/dgnc/dgnc_mgmt.c > > +++ b/drivers/staging/dgnc/dgnc_mgmt.c > > @@ -131,6 +131,7 @@ long dgnc_mgmt_ioctl(struct file *file, unsigned int > > cmd, unsigned long arg) > > int brd; > > > > struct digi_info di; > > + struct dgnc_board *bd = dgnc_Board[brd]; > > Please read the code. > brd is got from userspace and you've dereferenced > it before getting the value from userspace.
Gar. Oops. I totally missed that when I looked at this patch. :( You would hope that GCC would warn about the uninitialized variable but it doesn't. regards, dan carpenter _______________________________________________ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
