When v9fs_deserealize_fcall deserializes a Rwalk message, it incorrectly
allocates space for the qid array in the source instead of the destination
buffer.
Signed-off-by: Latchesar Ionkov <lucho@ionkov.net>
Cc: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
                break;
        case RWALK:
                rcall->params.rwalk.nwqid = buf_get_int16(bufp);
-               rcall->params.rwalk.wqids = buf_alloc(bufp,
+               rcall->params.rwalk.wqids = buf_alloc(dbufp,
                      rcall->params.rwalk.nwqid * sizeof(struct v9fs_qid));
                if (rcall->params.rwalk.wqids)
                        for (i = 0; i < rcall->params.rwalk.nwqid; i++) {
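Review bot: nwqid in the RWALK case is read from the wire with buf_get_int16(bufp) and used unchecked to size the buf_alloc(dbufp, ...) request and to bound the copy loop. 9P2000 caps a walk at 16 elements, so I would reject a larger nwqid before allocating rather than rely on dbufp running out of space. Also, when buf_alloc returns NULL the loop is skipped but nwqid keeps the wire value while wqids is NULL. The error handling for that state is not visible in this hunk, so please confirm the caller sees a failure, or reset nwqid to 0 on that path.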