drivers/sound/*.c

author Arnaldo Carvalho de Melo <acme@conectiva.com.br>

Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)

committer Arnaldo Carvalho de Melo <acme@conectiva.com.br>

Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)
author Arnaldo Carvalho de Melo <acme@conectiva.com.br>
Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)
committer Arnaldo Carvalho de Melo <acme@conectiva.com.br>
Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)
diff --git a/sound/oss/cmpci.c b/sound/oss/cmpci.c

index 0b7fefb3694390c1b001b6aea23b9e2999d011a8..ee9155ff0efb6404399f73925ea0c6708e3675cc 100644 (file)
--- a/sound/oss/cmpci.c
+++ b/sound/oss/cmpci.c
@@ -2032,7 +2032,9 @@ static int cm_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -2049,7 +2051,9 @@ static int cm_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                                 s->dma_adc.count &= s->dma_adc.fragsize-1;
                 }
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/cs4281/cs4281m.c b/sound/oss/cs4281/cs4281m.c

index c67291e39cf9f805d5e39bcf3e29532957fa2160..2f66546778f34ee1ca4261f92af46799e332b572 100644 (file)
--- a/sound/oss/cs4281/cs4281m.c
+++ b/sound/oss/cs4281/cs4281m.c
@@ -3496,7 +3496,9 @@ static int cs4281_ioctl(struct inode *inode, struct file *file,
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize - 1;
                 spin_unlock_irqrestore(&s->lock, flags);
-               return copy_to_user((void *) arg, &cinfo, sizeof(cinfo));
+               if (copy_to_user((void *) arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -3520,7 +3522,9 @@ static int cs4281_ioctl(struct inode *inode, struct file *file,
                 if (s->dma_dac.mapped)
                         s->dma_dac.count &= s->dma_dac.fragsize - 1;
                 spin_unlock_irqrestore(&s->lock, flags);
-               return copy_to_user((void *) arg, &cinfo, sizeof(cinfo));
+               if (copy_to_user((void *) arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/cs46xx.c b/sound/oss/cs46xx.c

index d45f2809f798dc1a67ccd0e42cb7e24c457cc700..632a24b0a32b70423dc075ba3a82caec153262c0 100644 (file)
--- a/sound/oss/cs46xx.c
+++ b/sound/oss/cs46xx.c
@@ -2965,7 +2965,9 @@ static int cs_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                         cinfo.blocks = dmabuf->count/dmabuf->divisor >> dmabuf->fragshift;
                         cinfo.ptr = dmabuf->hwptr/dmabuf->divisor;
                         spin_unlock_irqrestore(&state->card->lock, flags);
-                       return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                       if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                               return -EFAULT;
+                       return 0;
                 }
                 return -ENODEV;
  
@@ -2998,7 +3000,9 @@ static int cs_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                             "cs46xx: GETOPTR bytes=%d blocks=%d ptr=%d\n",
                                 cinfo.bytes,cinfo.blocks,cinfo.ptr) );
                         spin_unlock_irqrestore(&state->card->lock, flags);
-                       return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                       if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                               return -EFAULT;
+                       return 0;
                 }
                 return -ENODEV;
  
diff --git a/sound/oss/emu10k1/cardwi.c b/sound/oss/emu10k1/cardwi.c

index fde98545a1cbf08aaa8ed8bd312a40f75a0861ec..a3e7e4b57c30d2a70ab26ee082099e765f92d5ad 100644 (file)
--- a/sound/oss/emu10k1/cardwi.c
+++ b/sound/oss/emu10k1/cardwi.c
@@ -304,9 +304,10 @@ void emu10k1_wavein_getxfersize(struct wiinst *wiinst, u32 * size)
  
  static void copy_block(u8 *dst, u8 * src, u32 str, u32 len, u8 cov)
  {
-       if (cov == 1)
-               __copy_to_user(dst, src + str, len);
-       else {
+       if (cov == 1) {
+               if (__copy_to_user(dst, src + str, len))
+                       return;
+       } else {
                 u8 byte;
                 u32 i;
  
@@ -314,7 +315,8 @@ static void copy_block(u8 *dst, u8 * src, u32 str, u32 len, u8 cov)
  
                 for (i = 0; i < len; i++) {
                         byte = src[2 * i] ^ 0x80;
-                       __copy_to_user(dst + i, &byte, 1);
+                       if (__copy_to_user(dst + i, &byte, 1))
+                               return;
                 }
         }
  }
diff --git a/sound/oss/emu10k1/cardwo.c b/sound/oss/emu10k1/cardwo.c

index 9ec4adf565a37ad12d007e97b2a5327b2ff5ab61..006e1fb935593529ffcbdc01de5ab20e9486598c 100644 (file)
--- a/sound/oss/emu10k1/cardwo.c
+++ b/sound/oss/emu10k1/cardwo.c
@@ -483,14 +483,17 @@ static void copy_block(void **dst, u32 str, u8 *src, u32 len)
  
         if (len > PAGE_SIZE - pgoff) {
                 k = PAGE_SIZE - pgoff;
-               __copy_from_user((u8 *)dst[pg] + pgoff, src, k);
+               if (__copy_from_user((u8 *)dst[pg] + pgoff, src, k))
+                       return;
                 len -= k;
                 while (len > PAGE_SIZE) {
-                       __copy_from_user(dst[++pg], src + k, PAGE_SIZE);
+                       if (__copy_from_user(dst[++pg], src + k, PAGE_SIZE))
+                               return;
                         k += PAGE_SIZE;
                         len -= PAGE_SIZE;
                 }
-               __copy_from_user(dst[++pg], src + k, len);
+               if (__copy_from_user(dst[++pg], src + k, len))
+                       return;
  
         } else
                 __copy_from_user((u8 *)dst[pg] + pgoff, src, len);
@@ -515,7 +518,8 @@ static void copy_ilv_block(struct woinst *woinst, u32 str, u8 *src, u32 len)
  
         while (len) { 
                 for (voice_num = 0; voice_num < woinst->num_voices; voice_num++) {
-                       __copy_from_user((u8 *)(mem[voice_num].addr[pg]) + pgoff, src, woinst->format.bytespervoicesample);
+                       if (__copy_from_user((u8 *)(mem[voice_num].addr[pg]) + pgoff, src, woinst->format.bytespervoicesample))
+                               return;
                         src += woinst->format.bytespervoicesample;
                 }
  
diff --git a/sound/oss/emu10k1/passthrough.c b/sound/oss/emu10k1/passthrough.c

index f1a961c7f4617d23d89794b991d25b16a508628c..57690753d955c8c17ab343af0fffa4ea9ef3a01e 100644 (file)
--- a/sound/oss/emu10k1/passthrough.c
+++ b/sound/oss/emu10k1/passthrough.c
@@ -165,12 +165,15 @@ ssize_t emu10k1_pt_write(struct file *file, const char *buffer, size_t count)
  
                 DPD(3, "prepend size %d, prepending %d bytes\n", pt->prepend_size, needed);
                 if (count < needed) {
-                       copy_from_user(pt->buf + pt->prepend_size, buffer, count);
+                       if (copy_from_user(pt->buf + pt->prepend_size, buffer,
+                                          count))
+                               return -EFAULT;
                         pt->prepend_size += count;
                         DPD(3, "prepend size now %d\n", pt->prepend_size);
                         return count;
                 }
-               copy_from_user(pt->buf + pt->prepend_size, buffer, needed);
+               if (copy_from_user(pt->buf + pt->prepend_size, buffer, needed))
+                       return -EFAULT;
                 r = pt_putblock(wave_dev, (u16 *) pt->buf, nonblock);
                 if (r)
                         return r;
@@ -181,7 +184,8 @@ ssize_t emu10k1_pt_write(struct file *file, const char *buffer, size_t count)
         blocks_copied = 0;
         while (blocks > 0) {
                 u16 *bufptr = (u16 *) buffer + (bytes_copied/2);
-               copy_from_user(pt->buf, bufptr, PT_BLOCKSIZE);
+               if (copy_from_user(pt->buf, bufptr, PT_BLOCKSIZE))
+                       return -EFAULT;
                 bufptr = (u16 *) pt->buf;
                 r = pt_putblock(wave_dev, bufptr, nonblock);
                 if (r) {
@@ -197,7 +201,8 @@ ssize_t emu10k1_pt_write(struct file *file, const char *buffer, size_t count)
         i = count - bytes_copied;
         if (i) {
                 pt->prepend_size = i;
-               copy_from_user(pt->buf, buffer + bytes_copied, i);
+               if (copy_from_user(pt->buf, buffer + bytes_copied, i))
+                       return -EFAULT;
                 bytes_copied += i;
                 DPD(3, "filling prepend buffer with %d bytes", i);
         }
diff --git a/sound/oss/es1370.c b/sound/oss/es1370.c

index 0d83d97cca7a52f01fe2e9b04f2909464b189359..a66b5e8039bd6da6287ce0f6f9511c8776906fde 100644 (file)
--- a/sound/oss/es1370.c
+++ b/sound/oss/es1370.c
@@ -1635,7 +1635,9 @@ static int es1370_ioctl(struct inode *inode, struct file *file, unsigned int cmd
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -1653,7 +1655,9 @@ static int es1370_ioctl(struct inode *inode, struct file *file, unsigned int cmd
                 if (s->dma_dac2.mapped)
                         s->dma_dac2.count &= s->dma_dac2.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
@@ -2112,7 +2116,9 @@ static int es1370_ioctl_dac(struct inode *inode, struct file *file, unsigned int
                 if (s->dma_dac1.mapped)
                         s->dma_dac1.count &= s->dma_dac1.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if ((val = prog_dmabuf_dac1(s)))
diff --git a/sound/oss/es1371.c b/sound/oss/es1371.c

index d70d5dfa52f30f8cf3a999b574f48b60aefbf7bc..62797a4b911a4099a555c007d941f550684e82eb 100644 (file)
--- a/sound/oss/es1371.c
+++ b/sound/oss/es1371.c
@@ -1824,7 +1824,9 @@ static int es1371_ioctl(struct inode *inode, struct file *file, unsigned int cmd
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -1842,8 +1844,9 @@ static int es1371_ioctl(struct inode *inode, struct file *file, unsigned int cmd
                 if (s->dma_dac2.mapped)
                         s->dma_dac2.count &= s->dma_dac2.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
-
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
                         if ((val = prog_dmabuf_dac2(s)))
@@ -2292,7 +2295,9 @@ static int es1371_ioctl_dac(struct inode *inode, struct file *file, unsigned int
                 if (s->dma_dac1.mapped)
                         s->dma_dac1.count &= s->dma_dac1.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if ((val = prog_dmabuf_dac1(s)))
diff --git a/sound/oss/esssolo1.c b/sound/oss/esssolo1.c

index e196264f145dd356687bf18f9024fea35deeec3f..a44086ad9548f5acb14d82a54899c1c97d20f865 100644 (file)
--- a/sound/oss/esssolo1.c
+++ b/sound/oss/esssolo1.c
@@ -1468,7 +1468,9 @@ static int solo1_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -1492,7 +1494,9 @@ static int solo1_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
                        cinfo.bytes, cinfo.blocks, cinfo.ptr, s->dma_dac.buforder, s->dma_dac.numfrag, s->dma_dac.fragshift,
                        s->dma_dac.swptr, s->dma_dac.count, s->dma_dac.fragsize, s->dma_dac.dmasize, s->dma_dac.fragsamples);
  #endif
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/gus_wave.c b/sound/oss/gus_wave.c

index f18f2a1619b6f753973123a5b46e76395898396a..00aab8f5c8bfe853b0094869b89033f98c33e584 100644 (file)
--- a/sound/oss/gus_wave.c
+++ b/sound/oss/gus_wave.c
@@ -1719,7 +1719,9 @@ static int guswave_load_patch(int dev, int format, const char *addr,
          * been transferred already.
          */
  
-       copy_from_user(&((char *) &patch)[offs], &(addr)[offs], sizeof_patch - offs);
+       if (copy_from_user(&((char *) &patch)[offs], &(addr)[offs],
+                          sizeof_patch - offs))
+               return -EFAULT;
  
         if (patch.mode & WAVE_ROM)
                 return -EINVAL;
@@ -1864,7 +1866,10 @@ static int guswave_load_patch(int dev, int format, const char *addr,
                          * OK, move now. First in and then out.
                          */
  
-                       copy_from_user(audio_devs[gus_devnum]->dmap_out->raw_buf, &(addr)[sizeof_patch + src_offs], blk_sz);
+                       if (copy_from_user(audio_devs[gus_devnum]->dmap_out->raw_buf,
+                                          &(addr)[sizeof_patch + src_offs],
+                                          blk_sz))
+                               return -EFAULT;
  
                         save_flags(flags);
                         cli();
diff --git a/sound/oss/i810_audio.c b/sound/oss/i810_audio.c

index a1656d32f3607f1ae36ff1a58fe30fd5f382b140..2fffdbbd7879fae90768aa8947b788ff084d6bb1 100644 (file)
--- a/sound/oss/i810_audio.c
+++ b/sound/oss/i810_audio.c
@@ -2020,7 +2020,9 @@ static int i810_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
                 printk("SNDCTL_DSP_GETOPTR %d, %d, %d, %d\n", cinfo.bytes,
                         cinfo.blocks, cinfo.ptr, dmabuf->count);
  #endif
-               return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+               if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETISPACE:
                 if (!(file->f_mode & FMODE_READ))
@@ -2059,8 +2061,9 @@ static int i810_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
                 printk("SNDCTL_DSP_GETIPTR %d, %d, %d, %d\n", cinfo.bytes,
                         cinfo.blocks, cinfo.ptr, dmabuf->count);
  #endif
-               return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
-
+               if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
         case SNDCTL_DSP_NONBLOCK:
  #ifdef DEBUG
                 printk("SNDCTL_DSP_NONBLOCK\n");
diff --git a/sound/oss/ite8172.c b/sound/oss/ite8172.c

index 3534696663de367b35479b72838da736ad01089c..5e9fd3d55220db5144a6e5c234d9305a396cd1a5 100644 (file)
--- a/sound/oss/ite8172.c
+++ b/sound/oss/ite8172.c
@@ -1427,7 +1427,9 @@ static int it8172_ioctl(struct inode *inode, struct file *file,
         if (count < 0)
             count = 0;
         cinfo.blocks = count >> s->dma_adc.fragshift;
-       return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+       if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+               return -EFAULT;
+       return 0;
  
      case SNDCTL_DSP_GETOPTR:
         if (!(file->f_mode & FMODE_READ))
@@ -1448,7 +1450,9 @@ static int it8172_ioctl(struct inode *inode, struct file *file,
         if (count < 0)
             count = 0;
         cinfo.blocks = count >> s->dma_dac.fragshift;
-       return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+       if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+               return -EFAULT;
+       return 0;
  
      case SNDCTL_DSP_GETBLKSIZE:
         if (file->f_mode & FMODE_WRITE)
diff --git a/sound/oss/maestro.c b/sound/oss/maestro.c

index 03f3cb52ff2db409b6b51dd28f954be1e65bd3ee..3260985c913d97017598fe519777aa6721992e5f 100644 (file)
--- a/sound/oss/maestro.c
+++ b/sound/oss/maestro.c
@@ -2756,7 +2756,9 @@ static int ess_ioctl(struct inode *inode, struct file *file, unsigned int cmd, u
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -2771,7 +2773,9 @@ static int ess_ioctl(struct inode *inode, struct file *file, unsigned int cmd, u
                 if (s->dma_dac.mapped)
                         s->dma_dac.count &= s->dma_dac.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/maestro3.c b/sound/oss/maestro3.c

index 05e2032f239e898c5becc3fe3371d5ea8003427d..5ef4b49ba70f7c58179975c7bd7de8ff8e8d8be7 100644 (file)
--- a/sound/oss/maestro3.c
+++ b/sound/oss/maestro3.c
@@ -1805,7 +1805,9 @@ static int m3_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
          if (s->dma_adc.mapped)
              s->dma_adc.count &= s->dma_adc.fragsize-1;
          spin_unlock_irqrestore(&s->lock, flags);
-        return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+        if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+               return -EFAULT;
+       return 0;
  
      case SNDCTL_DSP_GETOPTR:
          if (!(file->f_mode & FMODE_WRITE))
@@ -1818,7 +1820,9 @@ static int m3_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
          if (s->dma_dac.mapped)
              s->dma_dac.count &= s->dma_dac.fragsize-1;
          spin_unlock_irqrestore(&s->lock, flags);
-        return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+        if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+               return -EFAULT;
+       return 0;
  
      case SNDCTL_DSP_GETBLKSIZE:
          if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/midibuf.c b/sound/oss/midibuf.c

index 66815f307b78edcc6562eaf6cdece96d98051103..f7a88d688fda58d66ef46246579bb128b3ef540b 100644 (file)
--- a/sound/oss/midibuf.c
+++ b/sound/oss/midibuf.c
@@ -290,15 +290,15 @@ int MIDIbuf_write(int dev, struct file *file, const char *buf, int count)
                                  */
  
                         if (file->f_flags & O_NONBLOCK) {
-                               restore_flags(flags);
-                               return -EAGAIN;
+                               c = -EAGAIN;
+                               goto out;
                         }
  
                         interruptible_sleep_on(&midi_sleeper[dev]);
                         if (signal_pending(current)) 
                         {
-                               restore_flags(flags);
-                               return -EINTR;
+                               c = -EINTR;
+                               goto out;
                         }
                         n = SPACE_AVAIL(midi_out_buf[dev]);
                 }
@@ -308,11 +308,15 @@ int MIDIbuf_write(int dev, struct file *file, const char *buf, int count)
                 for (i = 0; i < n; i++)
                 {
                         /* BROKE BROKE BROKE - CANT DO THIS WITH CLI !! */
-                       copy_from_user((char *) &tmp_data, &(buf)[c], 1);
+                       if (copy_from_user((char *) &tmp_data, &(buf)[c], 1)) {
+                               c = -EFAULT;
+                               goto out;
+                       }
                         QUEUE_BYTE(midi_out_buf[dev], tmp_data);
                         c++;
                 }
         }
+out:
         restore_flags(flags);
         return c;
  }
@@ -333,8 +337,8 @@ int MIDIbuf_read(int dev, struct file *file, char *buf, int count)
                                                  * No data yet, wait
                                                  */
                 if (file->f_flags & O_NONBLOCK) {
-                       restore_flags(flags);
-                       return -EAGAIN;
+                       c = -EAGAIN;
+                       goto out;
                 }
                 interruptible_sleep_on_timeout(&input_sleeper[dev],
                                                parms[dev].prech_timeout);
@@ -357,10 +361,14 @@ int MIDIbuf_read(int dev, struct file *file, char *buf, int count)
                         REMOVE_BYTE(midi_in_buf[dev], tmp_data);
                         fixit = (char *) &tmp_data;
                         /* BROKE BROKE BROKE */
-                       copy_to_user(&(buf)[c], fixit, 1);
+                       if (copy_to_user(&(buf)[c], fixit, 1)) {
+                               c = -EFAULT;
+                               goto out;
+                       }
                         c++;
                 }
         }
+out:
         restore_flags(flags);
         return c;
  }
diff --git a/sound/oss/msnd_pinnacle.c b/sound/oss/msnd_pinnacle.c

index 83d6c29cc0eda52a5566fff29446b36622d38b93..aefb708555e52279807c44ac72c8e564e9f5ef8e 100644 (file)
--- a/sound/oss/msnd_pinnacle.c
+++ b/sound/oss/msnd_pinnacle.c
@@ -564,11 +564,15 @@ static int mixer_ioctl(unsigned int cmd, unsigned long arg)
                 mixer_info info;
                 set_mixer_info();
                 info.modify_counter = dev.mixer_mod_count;
-               return copy_to_user((void *)arg, &info, sizeof(info));
+               if (copy_to_user((void *)arg, &info, sizeof(info)))
+                       return -EFAULT;
+               return 0;
         } else if (cmd == SOUND_OLD_MIXER_INFO) {
                 _old_mixer_info info;
                 set_mixer_info();
-               return copy_to_user((void *)arg, &info, sizeof(info));
+               if (copy_to_user((void *)arg, &info, sizeof(info)))
+                       return -EFAULT;
+               return 0;
         } else if (cmd == SOUND_MIXER_PRIVATE1) {
                 dev.nresets = 0;
                 dsp_full_reset();
diff --git a/sound/oss/rme96xx.c b/sound/oss/rme96xx.c

index 95aebe7f056b62c5441e942864b2995f5e103dbb..fabb7110ef1f973b1cbded5de493905674e2a789 100644 (file)
--- a/sound/oss/rme96xx.c
+++ b/sound/oss/rme96xx.c
@@ -1083,7 +1083,9 @@ static int rme96xx_ioctl(struct inode *in, struct file *file,
                         dma->readptr &= s->fragsize<<1;
                 spin_unlock_irqrestore(&s->lock,flags);
  
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_READ))
@@ -1100,7 +1102,9 @@ static int rme96xx_ioctl(struct inode *in, struct file *file,
                 if (dma->mmapped)
                         dma->writeptr &= s->fragsize<<1;
                 spin_unlock_irqrestore(&s->lock,flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
          case SNDCTL_DSP_GETBLKSIZE:
              return put_user(s->fragsize, (int *)arg);
  
@@ -1520,7 +1524,8 @@ static int rme96xx_mixer_ioctl(struct inode *inode, struct file *file, unsigned
         VALIDATE_STATE(s);
         if (cmd == SOUND_MIXER_PRIVATE1) {
                 rme_mixer mixer;
-               copy_from_user(&mixer,(void*)arg,sizeof(mixer));
+               if (copy_from_user(&mixer,(void*)arg,sizeof(mixer)))
+                       return -EFAULT;
                 
                 if (file->f_mode & FMODE_WRITE) {
                      s->dma[mixer.devnr].outoffset = mixer.o_offset;
@@ -1537,7 +1542,8 @@ static int rme96xx_mixer_ioctl(struct inode *inode, struct file *file, unsigned
         }
         if (cmd == SOUND_MIXER_PRIVATE3) {
              u32 control;
-            copy_from_user(&control,(void*)arg,sizeof(control)); 
+            if (copy_from_user(&control,(void*)arg,sizeof(control)))
+                    return -EFAULT;
              if (file->f_mode & FMODE_WRITE) {
                   s->control_register = control;
                   writel(control,s->iobase + RME96xx_control_register);
diff --git a/sound/oss/sb_audio.c b/sound/oss/sb_audio.c

index 31ce9b7bb6decf69eadc8f8d5d31d27a877055ae..6b0a3f7275ee340fcea3f8c56c9870e57fd87f01 100644 (file)
--- a/sound/oss/sb_audio.c
+++ b/sound/oss/sb_audio.c
@@ -849,7 +849,9 @@ sb16_copy_from_user(int dev,
         /* if not duplex no conversion */
         if (!devc->fullduplex)
         {
-               copy_from_user (localbuf + localoffs, userbuf + useroffs, len);
+               if (copy_from_user(localbuf + localoffs,
+                                  userbuf + useroffs, len))
+                       return -EFAULT;
                 *used = len;
                 *returned = len;
         }
@@ -869,9 +871,10 @@ sb16_copy_from_user(int dev,
                 {
                         locallen = (c >= LBUFCOPYSIZE ? LBUFCOPYSIZE : c);
                         /* << 1 in order to get 16 bit samples */
-                       copy_from_user (lbuf16,
-                                       userbuf+useroffs + (p << 1),
-                                       locallen << 1);
+                       if (copy_from_user(lbuf16,
+                                          userbuf + useroffs + (p << 1),
+                                          locallen << 1))
+                               return -EFAULT;
                         for (i = 0; i < locallen; i++)
                         {
                                 buf8[p+i] = ~((lbuf16[i] >> 8) & 0xff) ^ 0x80;
@@ -898,9 +901,10 @@ sb16_copy_from_user(int dev,
                 while (c)
                 {
                         locallen = (c >= LBUFCOPYSIZE ? LBUFCOPYSIZE : c);
-                       copy_from_user (lbuf8,
-                                       userbuf+useroffs + p,
-                                       locallen);
+                       if (copy_from_user(lbuf8,
+                                          userbuf+useroffs + p,
+                                          locallen))
+                               return -EFAULT;
                         for (i = 0; i < locallen; i++)
                         {
                                 buf16[p+i] = (~lbuf8[i] ^ 0x80) << 8;
diff --git a/sound/oss/sequencer.c b/sound/oss/sequencer.c

index d1be5e958ff66a3e39a6c25a7f1504d21e71b5bd..98ef5a3c79dfff60c2ab45ea4a8c7f37e91055c4 100644 (file)
--- a/sound/oss/sequencer.c
+++ b/sound/oss/sequencer.c
@@ -116,13 +116,15 @@ int sequencer_read(int dev, struct file *file, char *buf, int count)
         while (iqlen && c >= ev_len)
         {
                 char *fixit = (char *) &iqueue[iqhead * IEV_SZ];
-               copy_to_user(&(buf)[p], fixit, ev_len);
+               if (copy_to_user(&(buf)[p], fixit, ev_len))
+                       goto out;
                 p += ev_len;
                 c -= ev_len;
  
                 iqhead = (iqhead + 1) % SEQ_MAX_QUEUE;
                 iqlen--;
         }
+out:
         restore_flags(flags);
         return count - c;
  }
@@ -226,7 +228,8 @@ int sequencer_write(int dev, struct file *file, const char *buf, int count)
  
         while (c >= 4)
         {
-               copy_from_user((char *) event_rec, &(buf)[p], 4);
+               if (copy_from_user((char *) event_rec, &(buf)[p], 4))
+                       goto out;
                 ev_code = event_rec[0];
  
                 if (ev_code == SEQ_FULLSIZE)
@@ -262,7 +265,9 @@ int sequencer_write(int dev, struct file *file, const char *buf, int count)
                                         seq_startplay();
                                 return count - c;
                         }
-                       copy_from_user((char *) &event_rec[4], &(buf)[p + 4], 4);
+                       if (copy_from_user((char *)&event_rec[4],
+                                          &(buf)[p + 4], 4))
+                               goto out;
  
                 }
                 else
@@ -320,7 +325,7 @@ int sequencer_write(int dev, struct file *file, const char *buf, int count)
  
         if (!seq_playing)
                 seq_startplay();
-
+out:
         return count;
  }
  
diff --git a/sound/oss/sonicvibes.c b/sound/oss/sonicvibes.c

index 79410bb19555b9c273887349d5befa46d118bc05..0fd192654215cb49d878a0026bac346e7c000e51 100644 (file)
--- a/sound/oss/sonicvibes.c
+++ b/sound/oss/sonicvibes.c
@@ -1802,7 +1802,9 @@ static int sv_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                 if (s->dma_adc.mapped)
                         s->dma_adc.count &= s->dma_adc.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETOPTR:
                 if (!(file->f_mode & FMODE_WRITE))
@@ -1820,7 +1822,9 @@ static int sv_ioctl(struct inode *inode, struct file *file, unsigned int cmd, un
                 if (s->dma_dac.mapped)
                         s->dma_dac.count &= s->dma_dac.fragsize-1;
                 spin_unlock_irqrestore(&s->lock, flags);
-                return copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+                if (copy_to_user((void *)arg, &cinfo, sizeof(cinfo)))
+                       return -EFAULT;
+               return 0;
  
          case SNDCTL_DSP_GETBLKSIZE:
                 if (file->f_mode & FMODE_WRITE) {
diff --git a/sound/oss/trident.c b/sound/oss/trident.c

index c85f230f31c901d9994df64ae72eca1dd4c8c64f..582ba2af48f6fa463fed031579be51c37c79fc42 100644 (file)
--- a/sound/oss/trident.c
+++ b/sound/oss/trident.c
@@ -2447,7 +2447,8 @@ static int trident_ioctl(struct inode *inode, struct file *file, unsigned int cm
                 if (dmabuf->mapped)
                         dmabuf->count &= dmabuf->fragsize-1;
                 spin_unlock_irqrestore(&state->card->lock, flags);
-               ret = copy_to_user((void *)arg, &cinfo, sizeof(cinfo));
+               ret = copy_to_user((void *)arg, &cinfo, sizeof(cinfo)) ?
+                               -EFAULT : 0;
                 break;
  
         case SNDCTL_DSP_GETOPTR:
diff --git a/sound/oss/via82cxxx_audio.c b/sound/oss/via82cxxx_audio.c

index c41a49ebcb6e3a13f0d46abcfd3a9459b93cfbc5..9f85c6e05a2011d3b1f5ad5304f470ee842a72a9 100644 (file)
--- a/sound/oss/via82cxxx_audio.c
+++ b/sound/oss/via82cxxx_audio.c
@@ -2526,7 +2526,7 @@ static int via_dsp_ioctl_space (struct via_info *card,
                 info.fragments,
                 info.bytes);
  
-       return copy_to_user (arg, &info, sizeof (info));
+       return copy_to_user(arg, &info, sizeof (info)) ? -EFAULT : 0;
  }
  
  
@@ -2570,7 +2570,7 @@ static int via_dsp_ioctl_ptr (struct via_info *card,
                 info.blocks,
                 info.ptr);
  
-       return copy_to_user (arg, &info, sizeof (info));
+       return copy_to_user(arg, &info, sizeof (info)) ? -EFAULT : 0;
  }
  
  
diff --git a/sound/oss/vwsnd.c b/sound/oss/vwsnd.c

index ab128f68357bdef964ce80e51c71850fae2f5856..73c736d35c5ea00873a6bc14e964d3b96c8ac1f5 100644 (file)
--- a/sound/oss/vwsnd.c
+++ b/sound/oss/vwsnd.c
@@ -2303,7 +2303,8 @@ static ssize_t vwsnd_audio_do_read(struct file *file,
                 if (nb > count)
                         nb = count;
                 DBGPV("nb = %d\n", nb);
-               copy_to_user(buffer, rport->swbuf + rport->swb_u_idx, nb);
+               if (copy_to_user(buffer, rport->swbuf + rport->swb_u_idx, nb))
+                       return -EFAULT;
                 (void) swb_inc_u(rport, nb);
                 buffer += nb;
                 count -= nb;
@@ -2377,7 +2378,8 @@ static ssize_t vwsnd_audio_do_write(struct file *file,
                 if (nb > count)
                         nb = count;
                 DBGPV("nb = %d\n", nb);
-               copy_from_user(wport->swbuf + wport->swb_u_idx, buffer, nb);
+               if (copy_from_user(wport->swbuf + wport->swb_u_idx, buffer, nb))
+                       return -EFAULT;
                 pcm_output(devc, 0, nb);
                 buffer += nb;
                 count -= nb;
@@ -2650,7 +2652,9 @@ static int vwsnd_audio_do_ioctl(struct inode *inode,
                 DBGXV("SNDCTL_DSP_GETOSPACE returns { %d %d %d %d }\n",
                      buf_info.fragments, buf_info.fragstotal,
                      buf_info.fragsize, buf_info.bytes);
-               return copy_to_user((void *) arg, &buf_info, sizeof buf_info);
+               if (copy_to_user((void *) arg, &buf_info, sizeof buf_info))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETISPACE:      /* _SIOR ('P',13, audio_buf_info) */
                 DBGX("SNDCTL_DSP_GETISPACE\n");
@@ -2667,7 +2671,9 @@ static int vwsnd_audio_do_ioctl(struct inode *inode,
                 DBGX("SNDCTL_DSP_GETISPACE returns { %d %d %d %d }\n",
                      buf_info.fragments, buf_info.fragstotal,
                      buf_info.fragsize, buf_info.bytes);
-               return copy_to_user((void *) arg, &buf_info, sizeof buf_info);
+               if (copy_to_user((void *) arg, &buf_info, sizeof buf_info))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_NONBLOCK:       /* _SIO  ('P',14) */
                 DBGX("SNDCTL_DSP_NONBLOCK\n");
@@ -2725,7 +2731,9 @@ static int vwsnd_audio_do_ioctl(struct inode *inode,
                         rport->frag_count = 0;
                 }
                 spin_unlock_irqrestore(&rport->lock, flags);
-               return copy_to_user((void *) arg, &info, sizeof info);
+               if (copy_to_user((void *) arg, &info, sizeof info))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETOPTR:        /* _SIOR ('P',18, count_info) */
                 DBGX("SNDCTL_DSP_GETOPTR\n");
@@ -2747,7 +2755,9 @@ static int vwsnd_audio_do_ioctl(struct inode *inode,
                         wport->frag_count = 0;
                 }
                 spin_unlock_irqrestore(&wport->lock, flags);
-               return copy_to_user((void *) arg, &info, sizeof info);
+               if (copy_to_user((void *) arg, &info, sizeof info))
+                       return -EFAULT;
+               return 0;
  
         case SNDCTL_DSP_GETODELAY:      /* _SIOR ('P', 23, int) */
                 DBGX("SNDCTL_DSP_GETODELAY\n");
diff --git a/sound/oss/wavfront.c b/sound/oss/wavfront.c

index 632e73127a8273c373343e0baae174d8eff2be11..5b084983d7fa0834ced84f8b42f3c492f250211c 100644 (file)
--- a/sound/oss/wavfront.c
+++ b/sound/oss/wavfront.c
@@ -1525,8 +1525,9 @@ wavefront_load_gus_patch (int devno, int format, const char *addr,
         /* Copy in the header of the GUS patch */
  
         sizeof_patch = (long) &guspatch.data[0] - (long) &guspatch; 
-       copy_from_user (&((char *) &guspatch)[offs],
-                       &(addr)[offs], sizeof_patch - offs);
+       if (copy_from_user(&((char *) &guspatch)[offs],
+                          &(addr)[offs], sizeof_patch - offs))
+               return -EFAULT;
  
         if ((i = wavefront_find_free_patch ()) == -1) {
                 return -EBUSY;
@@ -1662,7 +1663,7 @@ wavefront_load_patch (const char *addr)
         if (copy_from_user (&header, addr, sizeof(wavefront_patch_info) -
                             sizeof(wavefront_any))) {
                 printk (KERN_WARNING LOGNAME "bad address for load patch.\n");
-               return -(EINVAL);
+               return -EFAULT;
         }
  
         DPRINT (WF_DEBUG_LOAD_PATCH, "download "
@@ -1676,47 +1677,53 @@ wavefront_load_patch (const char *addr)
         switch (header.subkey) {
         case WF_ST_SAMPLE:  /* sample or sample_header, based on patch->size */
  
-               copy_from_user ((unsigned char *) &header.hdr.s,
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_sample));
+               if (copy_from_user((unsigned char *) &header.hdr.s,
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof (wavefront_sample)))
+                       return -EFAULT;
  
                 return wavefront_send_sample (&header, header.dataptr, 0);
  
         case WF_ST_MULTISAMPLE:
  
-               copy_from_user ((unsigned char *) &header.hdr.s,
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_multisample));
+               if (copy_from_user((unsigned char *) &header.hdr.s,
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof(wavefront_multisample)))
+                       return -EFAULT;
  
                 return wavefront_send_multisample (&header);
  
  
         case WF_ST_ALIAS:
  
-               copy_from_user ((unsigned char *) &header.hdr.a,
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_alias));
+               if (copy_from_user((unsigned char *) &header.hdr.a,
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof (wavefront_alias)))
+                       return -EFAULT;
  
                 return wavefront_send_alias (&header);
  
         case WF_ST_DRUM:
-               copy_from_user ((unsigned char *) &header.hdr.d, 
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_drum));
+               if (copy_from_user((unsigned char *) &header.hdr.d, 
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof (wavefront_drum)))
+                       return -EFAULT;
  
                 return wavefront_send_drum (&header);
  
         case WF_ST_PATCH:
-               copy_from_user ((unsigned char *) &header.hdr.p, 
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_patch));
+               if (copy_from_user((unsigned char *) &header.hdr.p, 
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof (wavefront_patch)))
+                       return -EFAULT;
  
                 return wavefront_send_patch (&header);
  
         case WF_ST_PROGRAM:
-               copy_from_user ((unsigned char *) &header.hdr.pr, 
-                               (unsigned char *) header.hdrptr,
-                               sizeof (wavefront_program));
+               if (copy_from_user((unsigned char *) &header.hdr.pr, 
+                                  (unsigned char *) header.hdrptr,
+                                  sizeof (wavefront_program)))
+                       return -EFAULT;
  
                 return wavefront_send_program (&header);
  
@@ -1931,10 +1938,12 @@ wavefront_ioctl(struct inode *inode, struct file *file,
         switch (cmd) {
  
         case WFCTL_WFCMD:
-               copy_from_user (&wc, (void *) arg, sizeof (wc));
+               if (copy_from_user(&wc, (void *) arg, sizeof (wc)))
+                       return -EFAULT;
                 
                 if ((err = wavefront_synth_control (cmd, &wc)) == 0) {
-                       copy_to_user ((void *) arg, &wc, sizeof (wc));
+                       if (copy_to_user ((void *) arg, &wc, sizeof (wc)))
+                               return -EFAULT;
                 }
  
                 return err;
@@ -2995,8 +3004,10 @@ wffx_ioctl (wavefront_fx_info *r)
                                         "> 255 bytes to FX\n");
                                 return -(EINVAL);
                         }
-                       copy_from_user (page_data, (unsigned char *) r->data[3],
-                                       r->data[2]);
+                       if (copy_from_user(page_data,
+                                          (unsigned char *)r->data[3],
+                                          r->data[2]))
+                               return -EFAULT;
                         pd = page_data;
                 }
author	Arnaldo Carvalho de Melo <acme@conectiva.com.br>
	Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)
committer	Arnaldo Carvalho de Melo <acme@conectiva.com.br>
	Sat, 18 May 2002 23:58:25 +0000 (20:58 -0300)
sound/oss/cmpci.c		patch \| blob \| history
sound/oss/cs4281/cs4281m.c		patch \| blob \| history
sound/oss/cs46xx.c		patch \| blob \| history
sound/oss/emu10k1/cardwi.c		patch \| blob \| history
sound/oss/emu10k1/cardwo.c		patch \| blob \| history
sound/oss/emu10k1/passthrough.c		patch \| blob \| history
sound/oss/es1370.c		patch \| blob \| history
sound/oss/es1371.c		patch \| blob \| history
sound/oss/esssolo1.c		patch \| blob \| history
sound/oss/gus_wave.c		patch \| blob \| history
sound/oss/i810_audio.c		patch \| blob \| history
sound/oss/ite8172.c		patch \| blob \| history
sound/oss/maestro.c		patch \| blob \| history
sound/oss/maestro3.c		patch \| blob \| history
sound/oss/midibuf.c		patch \| blob \| history
sound/oss/msnd_pinnacle.c		patch \| blob \| history
sound/oss/rme96xx.c		patch \| blob \| history
sound/oss/sb_audio.c		patch \| blob \| history
sound/oss/sequencer.c		patch \| blob \| history
sound/oss/sonicvibes.c		patch \| blob \| history
sound/oss/trident.c		patch \| blob \| history
sound/oss/via82cxxx_audio.c		patch \| blob \| history
sound/oss/vwsnd.c		patch \| blob \| history
sound/oss/wavfront.c		patch \| blob \| history