On Wed, Apr 23, 2014 at 12:06:39AM -0500, Eric Biggers wrote: > The proposed patch doesn't work because in compat_rw_copy_check_uvector(), 'iov' > is incremented in the loop before it is freed or returned. This probably should > be changed to indexing with 'seg', like in the non-compat version... Also, there is still a memory leak in vmsplice() as it does not free the iov buffer if 0 is returned from rw_copy_check_uvector() (possible if all segments are of zero length). -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
