On Fri, 25 May 2007 06:48:34 +0000 "young dave" <[EMAIL PROTECTED]> wrote:
> Yes, I'm sure. but the patch in top post of mine works, the diffrence > is using kzalloc and remove the "ni->name[i] = 0;" line. > Let's walk through the existing code: i = na->name_len * sizeof(ntfschar); now, i = na->name_len * 2 ni->name = kmalloc(i + sizeof(ntfschar), GFP_ATOMIC); we allocated (na->name_len * 2 + 2) bytes if (!ni->name) return -ENOMEM; memcpy(ni->name, na->name, i); we copied (na->name_len * 2) bytes ni->name[i] = 0; here, we zero the two bytes at byte offsets ((na->name_len * 2) * 2) and ((na->name_len * 2) * 2 + 1), and that is the bug. We _want_ to zero the two bytes at byte offsets (na->name_len * 2) and (na->name_len * 2 + 1), which we can do in C via ni->name[na->name_len] = 0; because sizeof(*(ni->name)) == 2. So I'm still suspecting that you mistested that change. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/