On Sun, Apr 19, 2015 at 05:54:19PM -0700, Joe Perches wrote: > > diff --git a/drivers/staging/dgnc/dgnc_mgmt.c > > b/drivers/staging/dgnc/dgnc_mgmt.c > > index b13318a..0437117 100644 > > --- a/drivers/staging/dgnc/dgnc_mgmt.c > > +++ b/drivers/staging/dgnc/dgnc_mgmt.c > > @@ -131,6 +131,7 @@ long dgnc_mgmt_ioctl(struct file *file, unsigned int > > cmd, unsigned long arg) > > int brd; > > > > struct digi_info di; > > + struct dgnc_board *bd = dgnc_Board[brd]; > > Please read the code. > brd is got from userspace and you've dereferenced > it before getting the value from userspace.
Gar. Oops. I totally missed that when I looked at this patch. :( You would hope that GCC would warn about the uninitialized variable but it doesn't. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
