On Wed, Jul 17, 2013 at 05:20:31AM +0100, Phillip Lougher wrote:
> On 15 July 2013 17:17, Dan Carpenter wrote:
> > We read the size of the name from the disk, but a larger name than
> > expected would cause memory corruption.
>
> Thanks for the patch, it's queued for the next merge window. There'
On 15 July 2013 17:17, Dan Carpenter wrote:
> We read the size of the name from the disk, but a larger name than
> expected would cause memory corruption.
Thanks for the patch, it's queued for the next merge window. There's
one mistake with the patch, but I can fix it when it's applied, or you
ca
We read the size of the name from the disk, but a larger name than
expected would cause memory corruption.
Signed-off-by: Dan Carpenter
---
I don't know this code very well, but to me it looks like there is an
off by one bug here as well.
We say:
size = le32_to_cpu(index->size) + 1;
Th
3 matches
Mail list logo