From: Dave Jones <davej@redhat.com>

Remove a local 1k array.


---

 25-akpm/net/sunrpc/auth_gss/auth_gss.c |   18 +++++++++++++-----
 1 files changed, 13 insertions(+), 5 deletions(-)

diff -puN net/sunrpc/auth_gss/auth_gss.c~nfs4-stack-reduction net/sunrpc/auth_gss/auth_gss.c
--- 25/net/sunrpc/auth_gss/auth_gss.c~nfs4-stack-reduction	Fri May  7 15:12:01 2004
+++ 25-akpm/net/sunrpc/auth_gss/auth_gss.c	Fri May  7 15:12:01 2004
@@ -429,10 +429,8 @@ gss_pipe_upcall(struct file *filp, struc
 static ssize_t
 gss_pipe_downcall(struct file *filp, const char *src, size_t mlen)
 {
-	char buf[1024];
 	struct xdr_netobj obj = {
 		.len	= mlen,
-		.data	= buf,
 	};
 	struct inode *inode = filp->f_dentry->d_inode;
 	struct rpc_inode *rpci = RPC_I(inode);
@@ -448,11 +446,19 @@ gss_pipe_downcall(struct file *filp, con
 	int err;
 	int gss_err;
 
-	if (mlen > sizeof(buf))
+	obj.data = kmalloc(1024, GFP_NOFS);
+	if (!obj.data)
+		return -ENOMEM;
+
+	if (mlen > 1024) {
+		kfree (obj.data);
 		return -ENOSPC;
-	left = copy_from_user(buf, src, mlen);
-	if (left)
+	}
+	left = copy_from_user(obj.data, src, mlen);
+	if (left) {
+		kfree (obj.data);
 		return -EFAULT;
+	}
 	clnt = rpci->private;
 	atomic_inc(&clnt->cl_users);
 	auth = clnt->cl_auth;
@@ -477,12 +483,14 @@ gss_pipe_downcall(struct file *filp, con
 	} else
 		spin_unlock(&gss_auth->lock);
 	rpc_release_client(clnt);
+	kfree (obj.data);
 	return mlen;
 err:
 	if (ctx)
 		gss_destroy_ctx(ctx);
 	rpc_release_client(clnt);
 	dprintk("RPC: gss_pipe_downcall returning %d\n", err);
+	kfree (obj.data);
 	return err;
 }
 

_