git://ftp.safe.ca / safe / jmp / linux-2.6 / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
V4L/DVB: omap24xxcam: potential buffer overflow
[safe/jmp/linux-2.6] / drivers / media / video / omap24xxcam.c
diff --git a/drivers/media/video/omap24xxcam.c b/drivers/media/video/omap24xxcam.c
index b189fe6..ce76d95 100644 (file)
--- a/drivers/media/video/omap24xxcam.c
+++ b/drivers/media/video/omap24xxcam.c
@@ -1405,7 +1405,7 @@ static int omap24xxcam_mmap_buffers(struct file *file,
        }
 
        size = 0;
-       for (i = first; i <= last; i++) {
+       for (i = first; i <= last && i < VIDEO_MAX_FRAME; i++) {
                struct videobuf_dmabuf *dma = videobuf_to_dma(vbq->bufs[i]);
 
                for (j = 0; j < dma->sglen; j++) {
Full containers within linux kernel