net: nfs: fix the regression when nfs_read_reply() is called

When nfs_read_reply() is called, it should be stucked in memcpy().
size of rpc_pkt.u.reply() might be too bigger.
Change from 'sizeof(rpc_pkt.u.reply)' to 'len'.

Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>

diff --git a/net/nfs.c b/net/nfs.c
index 70d0e08..c6c400b 100644 (file)
--- a/net/nfs.c
+++ b/net/nfs.c
@@ -672,7 +672,7 @@ static int nfs_read_reply(uchar *pkt, unsigned len)
 
        debug("%s\n", __func__);
 
-       memcpy(&rpc_pkt.u.data[0], pkt, sizeof(rpc_pkt.u.reply));
+       memcpy(&rpc_pkt.u.data[0], pkt, len);
 
        if (ntohl(rpc_pkt.u.reply.id) > rpc_id)
                return -NFS_RPC_ERR;