fuse: reduce allocation size for splice_write

The 'bufs' array contains 'pipe->buffers' elements, but the
fuse_dev_splice_write() uses only 'pipe->nrbufs' elements.

So reduce the allocation size to 'pipe->nrbufs' elements.

Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>

diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 1050c1c..11ea2c4 100644 (file)
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -1957,7 +1957,7 @@ static ssize_t fuse_dev_splice_write(struct pipe_inode_info *pipe,
 
        pipe_lock(pipe);
 
-       bufs = kvmalloc_array(pipe->buffers, sizeof(struct pipe_buffer),
+       bufs = kvmalloc_array(pipe->nrbufs, sizeof(struct pipe_buffer),
                              GFP_KERNEL);
        if (!bufs) {
                pipe_unlock(pipe);