From: David van Moolenbroek Date: Tue, 22 Oct 2013 14:00:02 +0000 (+0000) Subject: libbdev: fix IOCTL grant access bug X-Git-Tag: v3.3.0~738 X-Git-Url: http://zhaoyanbai.com/repos/?a=commitdiff_plain;h=daf0e5cc893e8f240c7607ae7ec758c723fabc54;p=minix.git libbdev: fix IOCTL grant access bug Reported by Coverity. Change-Id: I34983312bebd9bf2449412b7dfa691ed208867ea --- diff --git a/lib/libbdev/bdev.c b/lib/libbdev/bdev.c index b950368f5..f8eafb9c9 100644 --- a/lib/libbdev/bdev.c +++ b/lib/libbdev/bdev.c @@ -323,8 +323,8 @@ static int bdev_ioctl_setup(dev_t dev, int request, void *buf, message *m) size = _MINIX_IOCTL_SIZE(request); access = 0; - if (_MINIX_IOCTL_IOR(access)) access |= CPF_WRITE; - if (_MINIX_IOCTL_IOW(access)) access |= CPF_READ; + if (_MINIX_IOCTL_IOR(request)) access |= CPF_WRITE; + if (_MINIX_IOCTL_IOW(request)) access |= CPF_READ; /* The size may be 0, in which case 'buf' need not be a valid pointer. */ grant = cpf_grant_direct(endpt, (vir_bytes) buf, size, access);