[linux-dvb] Digitv USB firmware loading issue [PATCH]
jburgess at uklinux.net
Fri Dec 16 00:11:53 CET 2005
Wolfgang Rohdewald wrote:
> On Freitag 09 Dezember 2005 19:28, Jon Burgess wrote:
>>Jan Kämpe wrote:
>>> int dvb_usb_get_hexline(const struct firmware *fw, struct hexline *hx, int *pos)
>>>- u8 *b = (u8 *) &fw->data[*pos];
>>> int data_offs = 4;
>>> if (*pos >= fw->size)
>>> return 0;
>>>+ u8 *b = (u8 *) &fw->data[*pos];
>>> memset(hx,0,sizeof(struct hexline));
>>I don't see why this change is needed and it breaks on older GCC.
> if *pos >= fw->size, data[*pos] will access unallocated memory behind data.
You are right in principle, but I believe that doing &foo[x] just gives
you the address of the item, you don't actually do an out-of-bounds
access until you actually dereference the pointer. The change makes the
code look more correct, but I don't think you'll ever see this causing a
crash or illegal access in practice since the check for (pos > fw->size)
is done before the dereference.
More information about the linux-dvb