diff options
author | Jim Meyering | 2012-04-25 21:24:17 +0200 |
---|---|---|
committer | Josef Bacik | 2012-05-30 10:23:32 -0400 |
commit | f60d16a8923201bb27ad7c09016abab2818cf8ce (patch) | |
tree | 7bb7f019dad20883b01cb7689d80195d483e37a4 /net/ipv4/tcp_ipv4.c | |
parent | a27202fbe92b12eec895c36644440175de01d7a6 (diff) |
Btrfs: avoid buffer overrun in mount option handling
There is an off-by-one error: allocating room for a maximal result
string but without room for a trailing NUL. That, can lead to
returning a transformed string that is not NUL-terminated, and
then to a caller reading beyond end of the malloc'd buffer.
Rewrite to s/kzalloc/kmalloc/, remove unwarranted use of strncpy
(the result is guaranteed to fit), remove dead strlen at end, and
change a few variable names and comments.
Reviewed-by: Josef Bacik <josef@redhat.com>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Diffstat (limited to 'net/ipv4/tcp_ipv4.c')
0 files changed, 0 insertions, 0 deletions