Skip to content

Commit a093c79

Browse files
jfb8856606jfb8856606
committed
ioctl_va bug fix #665.
1 parent f211ded commit a093c79

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

tools/compat/ioctl.c

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,7 @@ ioctl_va(int fd, unsigned long com, void *data, int argc, ...)
114114
msg->ioctl.cmd = com;
115115
msg->ioctl.data = msg->buf_addr;
116116
memcpy(msg->ioctl.data, data, size);
117-
msg->buf_addr += size;
117+
char *buf_addr = msg->buf_addr + size;
118118

119119
if (argc == 3) {
120120
if (size + clen > msg->buf_len) {
@@ -123,7 +123,6 @@ ioctl_va(int fd, unsigned long com, void *data, int argc, ...)
123123
return -1;
124124
}
125125
char *ptr = (char *)(msg->ioctl.data) + offset;
126-
char *buf_addr = msg->buf_addr;
127126
memcpy(ptr, &buf_addr, sizeof(char *));
128127
memcpy(buf_addr, cpy_mem, clen);
129128
}
@@ -152,7 +151,7 @@ ioctl_va(int fd, unsigned long com, void *data, int argc, ...)
152151
if (com & IOC_OUT) {
153152
memcpy(data, retmsg->ioctl.data, size);
154153
if (argc == 3) {
155-
memcpy(cpy_mem, retmsg->buf_addr, clen);
154+
memcpy(cpy_mem, buf_addr, clen);
156155
char *ptr = (char *)data + offset;
157156
memcpy(ptr, &cpy_mem, sizeof(void *));
158157
}

0 commit comments

Comments
 (0)