Hi Dan,<br><br>I see what you mean - 'pos' and 'dpos' are pointing to two different buffers and overlapping should not happen.<br>After digging more it seems like that I have combination of other problems.<br>
Sorry for the wrong alert.<br><br>Thanks,<br><br>Dmitry<br><br><div class="gmail_quote">On Mon, May 4, 2009 at 7:26 AM, Dan Williams <span dir="ltr"><<a href="mailto:dcbw@redhat.com">dcbw@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Mon, 2009-05-04 at 01:12 -0400, Pavel Roskin wrote:<br>
> On Thu, 2009-04-30 at 16:42 -0700, Dmitry Shmidt wrote:<br>
> > Hi,<br>
> ><br>
> > In driver_wext.c in function there is memcpy that has overlapping<br>
> > areas :<br>
> > struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)<br>
> > {<br>
> > ...<br>
> > if (wext_19_iw_point(drv, iwe->cmd)) {<br>
> > /* WE-19 removed the pointer from struct iw_point */<br>
> > char *dpos = (char *) &iwe_buf.u.data.length;<br>
> > int dlen = dpos - (char *) &iwe_buf;<br>
> > os_memcpy(dpos, pos + IW_EV_LCP_LEN, <<<<<<<<<<<br>
> > sizeof(struct iw_event) - dlen);<br>
> > } else {<br>
> > os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));<br>
> > custom += IW_EV_POINT_OFF;<br>
> > }<br>
> > ...<br>
> > }<br>
> ><br>
> > It didn't work for me so I needed to exchange it with memmove() call.<br>
><br>
> Actually, there is a function os_memmove() that should do it.<br>
<br>
</div>Right, but I'd like to know how this was actually overlapping in the<br>
first place... I tried to figure that out on Friday but the WEXT event<br>
code is impossible to understand. I don't believe the memory *should*<br>
overlap, and thus this might be hiding a bug in the driver or kernel<br>
that the OP is using.<br>
<br>
This should just copy the iw_point structure (which is really just flags<br>
and length) into iwe_buf, no?<br>
<font color="#888888"><br>
Dan<br>
</font><div><div></div><div class="h5"><br>
> > I am just curious how it worked for other people ? Is it possible that<br>
> > most memcpy() lib functions know how to handle overlapping areas ?<br>
><br>
> Maybe it just iterates over the memory in the direction that we need.<br>
><br>
> > Anyway it is not a mandatory memcpy() functionality.<br>
><br>
> I agree.<br>
><br>
<br>
</div></div></blockquote></div><br>