Hi Nikhil,
First of all, sorry for the delay in answering. I needed some time to really
look at
this.
Anyway, this patch as is is not good enough since it does not handle the case
where
data_offset is > length and bytesused == 0.
However, I think the solution should be done differently. I'll p
verify_length would fail if the user space fills up the data_offset field
and bytesused is left as zero. Correct this.
If bytesused is not populated, it means bytesused is same as length.
Checking data offset >= bytesused makes sense only if bytesused is valid.
Signed-off-by: Nikhil Devshatwar
-
