Date: 29 Mar 1997 09:43:09 -0000 From: Dan Cross <tenser@spitfire.ecsel.psu.edu> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/3139: bug in qcamcontrol... Message-ID: <19970329094309.548.qmail@odin.ecsel.psu.edu> Resent-Message-ID: <199703290950.BAA17986@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 3139
>Category: bin
>Synopsis: qcamcontrol has a bug where I/O errors are not reported.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 29 01:50:01 PST 1997
>Last-Modified:
>Originator: Dan Cross
>Organization:
PSU Mathematics
>Release: FreeBSD 2.2-RELEASE i386
>Environment:
Pentium, 16 MB RAM, 1.2GB disk, Connectix QuickCam.
>Description:
The read loop in qcamcontrol.c keeps a count of the current
number of bytes read in the variable ``bytes'' defined as
type size_t. In the loop, is tested for values less than
zero to detect errors. However, size_t is defined by our
buddies over at ANSI as being an unsigned integral value,
thus the negative is never detected. Further, bytes should
really be ssize_t, as that is what read(2) is defined to
return, and that is a signed value.
>How-To-Repeat:
Try reading from a broken QuickCam. Notice the infinte loop. :-)
>Fix:
A patch is included below; it merely changes the type of
``bytes'' to be ssize_t, as specified by the read(2) man
page.
*** qcamcontrol.c 1997/03/29 09:32:14 1.1
--- qcamcontrol.c 1997/03/29 09:41:08
***************
*** 69,75 ****
{
struct qcam info;
int fd, len;
! size_t bytes;
char opt;
static char buffer[QC_MAX_XSIZE*QC_MAX_YSIZE];
--- 69,75 ----
{
struct qcam info;
int fd, len;
! ssize_t bytes;
char opt;
static char buffer[QC_MAX_XSIZE*QC_MAX_YSIZE];
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970329094309.548.qmail>