www.infradead.org Git - users/jedix/linux-maple.git/commit
Fix length of buffer copied in __nfs4_get_acl_uncached
author Sachin Prabhu <sprabhu@redhat.com>
Thu, 22 Mar 2012 16:46:28 +0000 (16:46 +0000)
committer Maxim Uvarov <maxim.uvarov@oracle.com>
Wed, 19 Dec 2012 13:36:27 +0000 (05:36 -0800)
commit 0a6154aff983cc23abac47e7b34c1936eb512350
tree c69e4acabeaf0695617e5d3d8938b826f8e58c05
parent 936ae8f34a2be083595aa9136fe44ba46ee0d37c
Fix length of buffer copied in __nfs4_get_acl_uncached

Bug-db: 14798
CVE: CVE-2012-2375
(mainline commit 785d76dbd877fb3e631a26f67d86a2dd0c862f8e)
_copy_from_pages() used to copy data from the temporary buffer to the
user passed buffer is passed the wrong size parameter when copying
data. res.acl_len contains both the bitmap and acl lengths while
acl_len contains the acl length after adjusting for the bitmap size.

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
fs/nfs/nfs4proc.c
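
The length mismatch the commit message describes, as an added userspace example (not the kernel code and not part of the original commit). The struct, function names, errno choices and the layout of a bitmap header followed by the ACL are assumptions made for illustration; total_len stands in for res.acl_len.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a reply buffer: hdr_len bytes of bitmap/header
 * followed by the ACL. total_len plays the role of res.acl_len. */
struct acl_reply {
    const unsigned char *data;
    size_t hdr_len;    /* bitmap portion */
    size_t total_len;  /* bitmap + ACL */
};

/* Bytes a copy of copy_len would write past a buflen-byte destination. */
static size_t overrun(size_t copy_len, size_t buflen)
{
    return copy_len > buflen ? copy_len - buflen : 0;
}

/* Corrected pattern: check and copy with the same ACL-only length.
 * Returns the ACL length, or a negative errno value. */
static long get_acl_fixed(const struct acl_reply *r, unsigned char *buf, size_t buflen)
{
    size_t acl_len;

    if (r->hdr_len > r->total_len)
        return -EINVAL;               /* malformed: header longer than reply */
    acl_len = r->total_len - r->hdr_len;
    if (acl_len > buflen)
        return -ERANGE;               /* caller's buffer too small */
    memcpy(buf, r->data + r->hdr_len, acl_len);
    return (long)acl_len;
}

int main(void)
{
    /* Constructed sample: 8-byte header, 16-byte ACL, 16-byte destination. */
    unsigned char raw[24], out[16];
    struct acl_reply r = { raw, 8, sizeof(raw) };

    memset(raw, 0xAA, 8);
    memset(raw + 8, 0x5C, 16);
    printf("combined length overruns by %zu bytes\n", overrun(r.total_len, sizeof(out)));
    printf("fixed copy returns %ld\n", get_acl_fixed(&r, out, sizeof(out)));
    return 0;
}
```

With a destination sized for the ACL alone, a copy that uses the combined length exceeds it by exactly the header size.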