Re: [RFC][PATCH 2.6.17-rc6] input/mouse/sermouse: fix memleak and potential buffer overflow

On Thursday 15 June 2006 06:47, Wouter Paesen wrote:
> While strolling through the sermouse driver for some example code, I
> noticed 2 strange things happening there :
> 
> * In the sermouse_connect function an input device structure is
>   allocated (input_allocate_device), which is not deallocated 
>   in the sermouse_disconnect function.  
>   
>   If I understand this correctly someone repeatedly connecting and 
>   disconnecting the mouse would leak input_dev structures.
>

No, input_free_device() should not be called after input_register_device()
returns successfully because input_dev will be freed automatically once
the last reference to it is dropped.

> * In the sermouse_connect function the phys member of the sermouse 
>   structure (32 characters) is initialised with :
> 
>      sprintf(sermouse->phys, "%s/input0", serio->phys);
> 
>   Because serio->phys is also a 32 character field the sprintf could
>   result in 39 characters being written to the sermouse->phys.
>

Right, we need to change it to use snprintf.

-- 
Dmitry
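
The snprintf change agreed on above, shown as an added user-space example that is not part of the original message or the kernel source. The `demo_*` structures and functions are hypothetical stand-ins that keep only the two 32-byte `phys` fields, and the canary field and sample strings are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define PHYS_LEN 32   /* size of both phys fields, as stated in the thread */

/* Hypothetical stand-ins for the driver structures (assumption, not kernel code). */
struct demo_serio    { char phys[PHYS_LEN]; };
struct demo_sermouse { char phys[PHYS_LEN]; char canary[8]; };

/* Bytes an unbounded sprintf("%s/input0") would write, including the NUL. */
size_t demo_bytes_needed(const struct demo_serio *s)
{
    return strlen(s->phys) + strlen("/input0") + 1;
}

/*
 * Bounded form of sprintf(sermouse->phys, "%s/input0", serio->phys).
 * Returns 0 if the full name fit, 1 if it was truncated, -1 on error.
 */
int demo_set_phys(struct demo_sermouse *m, const struct demo_serio *s)
{
    int n = snprintf(m->phys, sizeof(m->phys), "%s/input0", s->phys);

    if (n < 0)
        return -1;
    /* snprintf returns the length it wanted to write, so n >= size means truncation. */
    return (size_t)n >= sizeof(m->phys) ? 1 : 0;
}

int main(void)
{
    struct demo_serio s;
    struct demo_sermouse m;

    /* Constructed worst case: a 31-character parent name filling serio->phys. */
    memset(s.phys, 'A', PHYS_LEN - 1);
    s.phys[PHYS_LEN - 1] = '\0';
    memcpy(m.canary, "CANARY!", 8);

    printf("sprintf would write %zu bytes into a %d-byte field\n",
           demo_bytes_needed(&s), PHYS_LEN);
    printf("snprintf truncated: %d, canary intact: %d\n",
           demo_set_phys(&m, &s), memcmp(m.canary, "CANARY!", 8) == 0);
    return 0;
}
```

Truncation keeps the write inside the field but silently shortens the name, so a caller that relies on the full string has to check the return value.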