On Wed, 19 Sep 2012, Manuel Bouyer wrote:
Here's an updated patch, which checks the size before malloc in mfifioctl(), and I also removed a debug printf in compat_linux. I intend to commit this next weekend.
Are these pass-through ioctl commands denied at securelevel >= 1? --apb (Alan Barrett)