In the original code we used -ENODEV as the number of bytes to
copy_to_user() and we didn't release the locks.
Signed-off-by: Dan Carpenter <[email protected]>
diff --git a/drivers/char/pcmcia/cm4000_cs.c b/drivers/char/pcmcia/cm4000_cs.c
index c9bc896..90b199f 100644
--- a/drivers/char/pcmcia/cm4000_cs.c
+++ b/drivers/char/pcmcia/cm4000_cs.c
@@ -1026,14 +1026,16 @@ static ssize_t cmm_read(struct file *filp, __user char *buf, size_t count,
xoutb(0, REG_FLAGS1(iobase)); /* clear detectCMM */
/* last check before exit */
- if (!io_detect_cm4000(iobase, dev))
- count = -ENODEV;
+ if (!io_detect_cm4000(iobase, dev)) {
+ rc = -ENODEV;
+ goto release_io;
+ }
if (test_bit(IS_INVREV, &dev->flags) && count > 0)
str_invert_revert(dev->rbuf, count);
if (copy_to_user(buf, dev->rbuf, count))
- return -EFAULT;
+ rc = -EFAULT;
release_io:
clear_bit(LOCK_IO, &dev->flags);
Hi Dan,
On Sun, Apr 18, 2010 at 10:07:33PM +0300, Dan Carpenter wrote:
> In the original code we used -ENODEV as the number of bytes to
> copy_to_user() and we didn't release the locks.
Thanks for pointing this out!
> Signed-off-by: Dan Carpenter <[email protected]>
Acked-by: Harald Welte <[email protected]>
--
- Harald Welte <[email protected]> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)