beceem: don't overrun user buffer on read Serious bug in original code, if app reads 10 bytes but 20 byte msg received memory would get overwritten. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

commit: 9c5d77009db6ff09d02a7b0a99a70c0dfd3af6c6 [log] [tgz]
author: Stephen Hemminger <stephen.hemminger@vyatta.com> Mon Nov 01 13:59:01 2010 -0400
committer: Stephen Hemminger <stephen.hemminger@vyatta.com> Mon Nov 01 13:59:01 2010 -0400
tree: a75934a9d0b541b0688e224df144aa0bce3034cd
parent: 5cf084f44ac24189ef3373010da49e26d651aa06 [diff]
diff --git a/drivers/staging/bcm/Bcmchar.c b/drivers/staging/bcm/Bcmchar.c
index 1a25560..8089d19 100644
--- a/drivers/staging/bcm/Bcmchar.c
+++ b/drivers/staging/bcm/Bcmchar.c

@@ -139,7 +139,7 @@
 	if(Packet)
 	{
 		PktLen = Packet->len;
-		if(copy_to_user(buf, Packet->data, PktLen))
+		if(copy_to_user(buf, Packet->data, min_t(size_t, PktLen, size)))
 		{
 			dev_kfree_skb(Packet);
 			BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "\nReturning from copy to user failure \n");
commit	9c5d77009db6ff09d02a7b0a99a70c0dfd3af6c6	[log] [tgz]
author	Stephen Hemminger <stephen.hemminger@vyatta.com>	Mon Nov 01 13:59:01 2010 -0400
committer	Stephen Hemminger <stephen.hemminger@vyatta.com>	Mon Nov 01 13:59:01 2010 -0400
tree	a75934a9d0b541b0688e224df144aa0bce3034cd
parent	5cf084f44ac24189ef3373010da49e26d651aa06 [diff]