From: Clemens Ladisch <clemens@xxxxxxxxxx> utf8_wcstombs forgot to include one-byte UTF-8 characters when calculating the output buffer size, i.e., theoretically, it was possible to overflow the output buffer with an input string that contains enough ASCII characters. In practice, this was no problem because the only user so far (VFAT) always uses a big enough output buffer. Signed-off-by: Clemens Ladisch <clemens@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx> --- fs/nls/nls_base.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/fs/nls/nls_base.c b/fs/nls/nls_base.c index 000736d..750abf2 100644 --- a/fs/nls/nls_base.c +++ b/fs/nls/nls_base.c @@ -150,6 +150,7 @@ utf8_wcstombs(__u8 *s, const wchar_t *pwcs, int maxlen) } } else { *op++ = (__u8) *ip; + maxlen--; } ip++; } -- 1.6.3.2 -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html