summaryrefslogtreecommitdiff
path: root/drivers/media/video/ivtv
diff options
context:
space:
mode:
authorRoel Kluin <roel.kluin@gmail.com>2009-07-24 04:46:57 +0400
committerMauro Carvalho Chehab <mchehab@redhat.com>2009-08-14 03:39:02 +0400
commited18d0c87ee0ab6e0985d83c19cd135b1bd54998 (patch)
tree4525e5280f255ab41794fb6a8b89a159a5d44486 /drivers/media/video/ivtv
parent5b766182a110311fbf618f736bc8a8f2f7ce3f4c (diff)
downloadlinux-ed18d0c87ee0ab6e0985d83c19cd135b1bd54998.tar.xz
V4L/DVB (12337): ivtv: Read buffer overflow
This mistakenly tests against sizeof(freqs) instead of the array size. Due to the mask the only illegal value possible was 3. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Andy Walls <awalls@radix.net> Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Diffstat (limited to 'drivers/media/video/ivtv')
-rw-r--r--drivers/media/video/ivtv/ivtv-controls.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/drivers/media/video/ivtv/ivtv-controls.c b/drivers/media/video/ivtv/ivtv-controls.c
index a3b77ed3f089..4a9c8ce0ecb3 100644
--- a/drivers/media/video/ivtv/ivtv-controls.c
+++ b/drivers/media/video/ivtv/ivtv-controls.c
@@ -17,6 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include <linux/kernel.h>
#include "ivtv-driver.h"
#include "ivtv-cards.h"
@@ -281,7 +282,7 @@ int ivtv_s_ext_ctrls(struct file *file, void *fh, struct v4l2_ext_controls *c)
idx = p.audio_properties & 0x03;
/* The audio clock of the digitizer must match the codec sample
rate otherwise you get some very strange effects. */
- if (idx < sizeof(freqs))
+ if (idx < ARRAY_SIZE(freqs))
ivtv_call_all(itv, audio, s_clock_freq, freqs[idx]);
return err;
}