Re: uimove works only if null terminated string is writen
Sending again from the correct account so it doesn't bounce.

Are you doing this on PowerPC architecture or i386?

On 25 Sep 2006, at 12:57, sanjay yaragatti wrote:

> Hi all,
>
> I had recently posted a mail asking about the problems faced in dev_write of a character device using uiomove. I am now able to print the data after doing the uiomove() operation, i.e. print the data after copying from user space to kernel space.
>
> I have observed that the uiomove() API in the driver works only when you write a null-terminated string from the user space application.
>
> How do I write a single character from the user space application which is not null terminated?
>
>     write(device_fd, (char *)&c, 1);          // doesn't work

On PowerPC, (char*)&c points to the high byte of c, probably a null byte. On i386 it points to your character.

>     write(device_fd, str, strlen(str));       // works fine

Here you are not writing the null character at the end of the string. strlen(str) returns the number of characters before the first null.

> Here is the sample user space application through which I am writing to and reading from the driver.
>
>     #include <stdio.h>
>     #include <string.h>
>     #include <fcntl.h>
>     #include <unistd.h>
>
>     int main()
>     {
>         FILE *fp = NULL;
>         int device_fd = -1;
>         int c = 0;                 /* character read with fgetc() */
>         int ret = 0;               /* return value of write() */
>         char *retval = NULL;       /* return value of fgets() */
>         char str[50] = {0};
>         char file_name[40] = {0};
>         const char *dev_name = "/dev/PLACEHOLDER_DEVICE";   /* device node path; not given in the post */
>
>         printf("Enter the file name\n");
>         scanf("%s", file_name);

Here you have a potential buffer overflow exploit :-)

>         device_fd = open(dev_name, O_RDWR);
>         fp = fopen(file_name, "r");
>         if (fp == NULL) {
>             printf("File open failed\n");
>             return 1;
>         }
>
>         //while ((c = fgetc(fp)) != EOF)        // doesn't work

c is an int, i.e. 4 bytes.

>         while ((retval = fgets(str, sizeof(str), fp)) != NULL) {
>             //ret = write(device_fd, (char *)&c, 1);  // doesn't work
>             ret = write(device_fd, str, 10);           // works fine
>         }
>
>         fclose(fp);
>         close(device_fd);
>         return 0;
>     }

e.g. on a PowerPC based Mac:

    jeremyp@pamela:jeremyp$ cat >test_endian.c
    #include <stdio.h>

    int main ()
    {
        int c = 'X' ;
        printf ("c = 0x%08x, *(char*)&c = 0x%02x, *((char*)&c + 3) = 0x%02x\n",
                c, (int) (*(char*)&c), (int) (*((char*)&c + 3))) ;
        return 0 ;
    }
    jeremyp@pamela:jeremyp$ cc test_endian.c
    jeremyp@pamela:jeremyp$ ./a.out
    c = 0x00000058, *(char*)&c = 0x00, *((char*)&c + 3) = 0x58

On an Intel based Mac the output looks like this:

    c = 0x00000058, *(char*)&c = 0x58, *((char*)&c + 3) = 0x00

Darwin-kernel mailing list (Darwin-kernel@lists.apple.com)
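The two points raised in the reply, as an added example that is not code from the thread or from either poster: passing `(char *)&c` for an `int c` hands the kernel whichever byte the machine stores first (the high, zero byte on PowerPC; the character itself on i386), and `scanf("%s")` into a fixed buffer is unbounded. The block below copies the character into a `char` before writing (portable on either endianness), reads the file name with a bounded `fgets()`, and checks both against the unsafe versions. A pipe stands in for the character device and `tmpfile()` for the user's input file; the function names are this example's own, not anything from the original program.

```c
/* Added example (not from the original thread). A pipe stands in for the
 * character device; tmpfile() stands in for the input file. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* 1 if this machine stores the most significant byte first (PowerPC), 0 on i386. */
int is_big_endian(void)
{
    int probe = 1;
    return *(unsigned char *)&probe == 0;
}

/* Portable: copy the character into a single byte and write that byte. */
ssize_t write_one_char(int fd, int c)
{
    unsigned char byte = (unsigned char)c;
    return write(fd, &byte, 1);
}

/* The pattern from the post: writes the FIRST byte of a 4-byte int,
 * which is 0x00 for 'X' on PowerPC and 'X' on i386. */
ssize_t write_first_byte_of_int(int fd, int c)
{
    return write(fd, (char *)&c, 1);
}

/* Round-trip one byte through a pipe with the given writer; returns the
 * byte the reader received, or -1 on error. */
static int roundtrip(ssize_t (*writer)(int, int), int c)
{
    int fds[2];
    unsigned char got;
    if (pipe(fds) != 0) return -1;
    ssize_t w = writer(fds[1], c);
    close(fds[1]);
    ssize_t r = read(fds[0], &got, 1);
    close(fds[0]);
    return (w == 1 && r == 1) ? got : -1;
}

int roundtrip_safe(int c)   { return roundtrip(write_one_char, c); }
int roundtrip_unsafe(int c) { return roundtrip(write_first_byte_of_int, c); }

/* Bounded replacement for scanf("%s", file_name): reads at most size-1
 * bytes, drops the trailing newline and always NUL-terminates.
 * Returns 0 on success, -1 on EOF or error. */
int read_name(FILE *in, char *buf, size_t size)
{
    if (fgets(buf, (int)size, in) == NULL) return -1;
    buf[strcspn(buf, "\n")] = '\0';
    return 0;
}

/* Helper: feed a constructed input string through read_name() via a temp file. */
int read_name_from_string(const char *input, char *buf, size_t size)
{
    FILE *in = tmpfile();
    if (in == NULL) return -1;
    fputs(input, in);
    rewind(in);
    int rc = read_name(in, buf, size);
    fclose(in);
    return rc;
}

int main(void)
{
    int c = 'X';
    char name[8];   /* deliberately small to show the truncation */
    printf("%s-endian: copy-to-char=0x%02x first-byte-of-int=0x%02x\n",
           is_big_endian() ? "big" : "little",
           roundtrip_safe(c), roundtrip_unsafe(c));
    read_name_from_string("a_name_longer_than_the_buffer\n", name, sizeof name);
    printf("bounded read: \"%s\"\n", name);
    return 0;
}
```

On an i386 or x86-64 machine both writers deliver 0x58 and the bug stays hidden; only the PowerPC run shows the 0x00, which is why the first question in the reply is which architecture the driver is being tested on.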
participants (1)
-
Jeremy Pereira