On Wed, Aug 30, 2017 at 04:37:04PM +0100, Al Viro wrote:
> On Wed, Aug 30, 2017 at 04:59:56PM +0200, Christoph Hellwig wrote:
> > Use proper ssize_t and size_t types for the return value and count
> > argument, move the offset last and make it an in/out argument like
> > all other read/write helpers.
>
> Might be better to switch the third argument to void * at the same time
> and lose those casts.

Good point, updated.

> > if (p)
> > memcpy(p + offset, buf, n);
> > -
> > - offset += n;
>
> Almost certainly broken - in effect, you've taken the update of offset
> several lines prior, so that memcpy() is getting the wrong first argument.
> The same needs to be watched out for in other similar places.

Fixed. I did an audit and didn't find any others either for kernel_read
or kernel_write.
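
Review bot: the destination in `memcpy(p + offset, buf, n)` still depends on `offset` after the `offset += n` below it is dropped. If the offset is now advanced earlier through the in/out argument the commit message describes, then by the time of the copy it already points past the chunk just read, and the write lands n bytes beyond the intended position in `p`. Compute the destination from the offset as it was before the read, for example from a saved copy taken before the call. A comment at this site saying which value of `offset` the copy expects would also help. Every other caller that reuses the offset after the call needs the same check.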