[PATCH] idmouse cleanup and overflow fix switched to simple_read_from_buffer(), killed broken use of min(). Incidentally, that use of min() had been fixed once, only to be reintroduced in commit 4244f72436ab77c3c29a6447af81734ab3925d85: [PATCH] USB: upgrade of the idmouse driver [snip] - if (count > IMGSIZE - *ppos) - count = IMGSIZE - *ppos; + count = min ((loff_t)count, IMGSIZE - (*ppos)); Note the lovely use of cast to shut the warning about misuse of min() up... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: 018a2cdf1e633497bb4f01eb86a7cbffa611776d [log] [tgz]
author: Al Viro <viro@ftp.linux.org.uk> Sat Oct 29 11:56:13 2005 +0100
committer: Linus Torvalds <torvalds@g5.osdl.org> Sat Oct 29 10:35:08 2005 -0700
tree: 515fd2723973f28a738c597d8630526b88650d40
parent: 32b32c2c3566b206988fa30336ec6534759823b5 [diff] [blame]
diff --git a/drivers/usb/misc/idmouse.c b/drivers/usb/misc/idmouse.c
index 3944a55..1dc3e0f 100644
--- a/drivers/usb/misc/idmouse.c
+++ b/drivers/usb/misc/idmouse.c

@@ -319,20 +319,8 @@
 		return -ENODEV;
 	}
 
-	if (*ppos >= IMGSIZE) {
-		up (&dev->sem);
-		return 0;
-	}
-
-	count = min ((loff_t)count, IMGSIZE - (*ppos));
-
-	if (copy_to_user (buffer, dev->bulk_in_buffer + *ppos, count)) {
-		result = -EFAULT;
-	} else {
-		result = count;
-		*ppos += count;
-	}
-
+	result = simple_read_from_buffer(buffer, count, ppos,
+					dev->bulk_in_buffer, IMGSIZE);
 	/* unlock the device */
 	up(&dev->sem);
 	return result;
commit	018a2cdf1e633497bb4f01eb86a7cbffa611776d	[log] [tgz]
author	Al Viro <viro@ftp.linux.org.uk>	Sat Oct 29 11:56:13 2005 +0100
committer	Linus Torvalds <torvalds@g5.osdl.org>	Sat Oct 29 10:35:08 2005 -0700
tree	515fd2723973f28a738c597d8630526b88650d40
parent	32b32c2c3566b206988fa30336ec6534759823b5 [diff] [blame]