On Wed, Apr 23, 2014 at 12:06:39AM -0500, Eric Biggers wrote: > The proposed patch doesn't work because in compat_rw_copy_check_uvector(), > 'iov' > is incremented in the loop before it is freed or returned. This probably > should > be changed to indexing with 'seg', like in the non-compat version...
Also, there is still a memory leak in vmsplice() as it does not free the iov buffer if 0 is returned from rw_copy_check_uvector() (possible if all segments are of zero length). -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
