staging: binder: correct ptr handling

author Chih-Wei Huang <cwhuang@linux.org.tw>

Mon, 1 Dec 2014 17:03:18 +0000 (01:03 +0800)

committer Chih-Wei Huang <cwhuang@linux.org.tw>

Sun, 28 Dec 2014 08:03:17 +0000 (16:03 +0800)
author Chih-Wei Huang <cwhuang@linux.org.tw>
Mon, 1 Dec 2014 17:03:18 +0000 (01:03 +0800)
committer Chih-Wei Huang <cwhuang@linux.org.tw>
Sun, 28 Dec 2014 08:03:17 +0000 (16:03 +0800)
diff --git a/drivers/staging/android/binder.c b/drivers/staging/android/binder.c

index c69c40d..d53ab57 100644 (file)
--- a/drivers/staging/android/binder.c
+++ b/drivers/staging/android/binder.c
@@ -2047,7 +2047,7 @@ static int binder_thread_write(struct binder_proc *proc,
                         if (get_user(cookie, (binder_uintptr_t __user *)ptr))
                                 return -EFAULT;
  
-                       ptr += sizeof(void *);
+                       ptr += sizeof(binder_uintptr_t);
                         list_for_each_entry(w, &proc->delivered_death, entry) {
                                 struct binder_ref_death *tmp_death = container_of(w, struct binder_ref_death, work);
author	Chih-Wei Huang <cwhuang@linux.org.tw>
	Mon, 1 Dec 2014 17:03:18 +0000 (01:03 +0800)
committer	Chih-Wei Huang <cwhuang@linux.org.tw>
	Sun, 28 Dec 2014 08:03:17 +0000 (16:03 +0800)