On Thu, Jun 16, 2016 at 08:57:38AM +0200, Willy Tarreau wrote: > + type = get_fs_type(fstype); > + if (!type) > + return NULL; > + > copy = kmalloc(PAGE_SIZE, GFP_KERNEL); > if (!copy) > return ERR_PTR(-ENOMEM); > > + /* avoid reading a whole page if the FS only needs a string. */ > + if (!(type->fs_flags & FS_BINARY_MOUNTDATA)) { > + strlcpy(copy, data, PAGE_SIZE); > + return copy; a) it leaks a file_system_type reference b) data is a userland pointer, for crying out loud! -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html