From 89e2fea073c15a3f72ec74c3859e7a3b271e7db3 Mon Sep 17 00:00:00 2001 From: Hans Verkuil Date: Sun, 27 Jul 2008 19:08:54 +0200 Subject: saa7146: fix read from uninitialized memory From: Hans Verkuil The offset field of the scatterlist entry *after* the last valid scatterlist entry was used instead of the first scatterlist entry (as was the intention of this code). This worked fine until the kzalloc of the sglist was replaced with kmalloc and sg_init_table only zeroed the exact needed length. Apparently kzalloc zeroes a bit more than is strictly necessary so the offset field was always 0 in the past. But now the offset field was suddenly random and this led to broken captures. Signed-off-by: Hans Verkuil --- linux/drivers/media/common/saa7146_video.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'linux') diff --git a/linux/drivers/media/common/saa7146_video.c b/linux/drivers/media/common/saa7146_video.c index a2333bff8..1c22c39c2 100644 --- a/linux/drivers/media/common/saa7146_video.c +++ b/linux/drivers/media/common/saa7146_video.c @@ -657,7 +657,7 @@ static int saa7146_pgtable_build(struct saa7146_dev *dev, struct saa7146_buf *bu /* if we have a user buffer, the first page may not be aligned to a page boundary. */ - pt1->offset = list->offset; + pt1->offset = dma->sglist->offset; pt2->offset = pt1->offset+o1; pt3->offset = pt1->offset+o2; -- cgit v1.2.3