Commit da555db6 authored May 18, 2015 by Mark Tomlinson Committed by Greg Kroah-Hartman May 24, 2015

n_tty: Fix calculation of size in canon_copy_from_read_buf

There was a hardcoded value of 4096 which should have been N_TTY_BUF_SIZE.
This caused reads from tty to fail with EFAULT when they shouldn't have
done if N_TTY_BUF_SIZE was declared to be something other than 4096.

Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
Reviewed-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 392bceed

drivers/tty/n_tty.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -2070,8 +2070,8 @@ static int canon_copy_from_read_buf(struct tty_struct *tty,

		size = N_TTY_BUF_SIZE - tail;
		n = eol - tail;
		if (n > 4096)
		n += 4096;
		if (n > N_TTY_BUF_SIZE)
		n += N_TTY_BUF_SIZE;
		n += found;
		c = n;