net: nfs: fix the regression when nfs_read_reply() is called

When nfs_read_reply() is called, it should be stucked in memcpy().
size of rpc_pkt.u.reply() might be too bigger.
Change from 'sizeof(rpc_pkt.u.reply)' to 'len'.

Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>

diff --git a/net/nfs.c b/net/nfs.c
index aca0ca55f3f76749c8ff3d663b5d05eb68517b7e..083890020af40e8f953e8c812140702edf2cd2de 100644 (file)
--- a/net/nfs.c
+++ b/net/nfs.c
@@ -667,7 +667,7 @@ static int nfs_read_reply(uchar *pkt, unsigned len)
 
        debug("%s\n", __func__);
 
-       memcpy(&rpc_pkt.u.data[0], pkt, sizeof(rpc_pkt.u.reply));
+       memcpy(&rpc_pkt.u.data[0], pkt, len);
 
        if (ntohl(rpc_pkt.u.reply.id) > rpc_id)
                return -NFS_RPC_ERR;