On Wed, Jan 18, 2012 at 12:56:02PM +0300, Dan Carpenter wrote: > There is no point in passing a zero length string here and quite a > few of that cache_parse() implementations will Oops if count is > zero. Thanks, I'll apply. Could we clean up any checks in cache_parse() that are unnecessary now? --b. > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c > index 465df9a..8c6598e 100644 > --- a/net/sunrpc/cache.c > +++ b/net/sunrpc/cache.c > @@ -828,6 +828,8 @@ static ssize_t cache_do_downcall(char *kaddr, const char __user *buf, > { > ssize_t ret; > > + if (count == 0) > + return -EINVAL; > if (copy_from_user(kaddr, buf, count)) > return -EFAULT; > kaddr[count] = '\0'; -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html