On Tue, Nov 17, 2015 at 09:33:11AM -0800, Busch, Keith wrote:
> I accidently deleted my comment. Here's what it said:
>
> + list = g_malloc(data_len);
> + for (i = 0; i < n->num_namespaces; i++) {
> + if (i <= min_nsid) {
> + continue;
> + }
> + list[i] = i;
>
> This should be:
>
> + list[i] = cpu_to_le32(i);
Just saw this: we can't use the raw 'i' for the list index. It could
return a badly formatted list if min_nsid is non-zero, or, even worse,
corrupt memory if num_namsepaces > 1024. Need to do this instead:
+ list[i - min_nsid] = cpu_to_le32(i);
