On Tue, Mar 30 2010, [email protected] wrote:
> elevator_get() not check the name length, if the name length > sizeof(elv),
> elv will miss the '\0'. And elv buffer will be replace "-iosched" as something
> like aaaaaaaaa, then call request_module() can load an not trust module.
Thanks, good catch! Applied.
--
Jens Axboe