ieee1394: video1394: Use memdup_user

...when user data is immediately copied into the allocated region.

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> (changelog)

diff --git a/drivers/ieee1394/video1394.c b/drivers/ieee1394/video1394.c
index a42bd6893bcf978a0dfddb83e54299c3039ed439..a77483befcdac55ff36aa692960be4b693347dd8 100644 (file)
--- a/drivers/ieee1394/video1394.c
+++ b/drivers/ieee1394/video1394.c
@@ -1045,14 +1045,9 @@ static long video1394_ioctl(struct file *file,
                        if (get_user(qv, &p->packet_sizes))
                                return -EFAULT;
 
-                       psizes = kmalloc(buf_size, GFP_KERNEL);
-                       if (!psizes)
-                               return -ENOMEM;
-
-                       if (copy_from_user(psizes, qv, buf_size)) {
-                               kfree(psizes);
-                               return -EFAULT;
-                       }
+                       psizes = memdup_user(qv, buf_size);
+                       if (IS_ERR(psizes))
+                               return PTR_ERR(psizes);
                }
 
                spin_lock_irqsave(&d->lock,flags);