On Sun, Aug 26, 2018 at 10:55:24AM +0000, Bernd Edlinger wrote: > Ping... > Sorry, I had actually completely forgotten about this one. > > On 07/07/18 19:52, Bernd Edlinger wrote: > > The terminating NUL byte is only there because the buffer is > > allocated with kzalloc(PAGE_SIZE, GFP_KERNEL), but since the > > range-check is off-by-one, and PAGE_SIZE==PATH_MAX, the > > returned string may not be zero-terminated if it is exactly > > PATH_MAX characters long. Furthermore also the initial loop > > may theoretically exceed PATH_MAX and cause a fault. > > > > Signed-off-by: Bernd Edlinger <bernd.edlin...@hotmail.de>
Acked-by: Tejun Heo <t...@kernel.org> Thanks. -- tejun
