login
Login / Register
Header Space

 
 

Home » Mailing list archives » linux-fsdevel » 2007 » September » 25

[patch 4/4] ext4: fix rec_len overflow for 64KB block size

Previous thread: [patch 2/4] ext2: fix rec_len overflow for 64KB block size by Christoph Lameter on Tuesday, September 25, 2007 - 7:30 pm. (3 messages)

Next thread: [00/17] Virtual Compound Page Support V1 by Christoph Lameter on Tuesday, September 25, 2007 - 7:42 pm. (1 message)
[view original message]
From: Christoph Lameter <clameter@...>
To: Mingming Cao <cmm@...>
Cc: Takashi Sato <sho@...>, <linux-fsdevel@...>
Subject: [patch 4/4] ext4: fix rec_len overflow for 64KB block size
Date: Tuesday, September 25, 2007 - 7:30 pm

[4/4]  ext4: fix rec_len overflow
         - prevent rec_len from overflow with 64KB blocksize

Signed-off-by: Takashi Sato &lt;sho@tnes.nec.co.jp&gt;
Signed-off-by: Mingming Cao &lt;cmm@us.ibm.com&gt;
---
 fs/ext4/dir.c           |   11 ++++--
 fs/ext4/namei.c         |   88 +++++++++++++++++++++++++++++++++++++++---------
 include/linux/ext4_fs.h |    9 ++++
 3 files changed, 90 insertions(+), 18 deletions(-)

Index: linux-2.6.23-rc8-mm1/fs/ext4/dir.c
===================================================================
--- linux-2.6.23-rc8-mm1.orig/fs/ext4/dir.c	2007-09-25 14:53:57.000000000 -0700
+++ linux-2.6.23-rc8-mm1/fs/ext4/dir.c	2007-09-25 15:45:09.000000000 -0700
@@ -100,10 +100,11 @@ static int ext4_readdir(struct file * fi
 	unsigned long offset;
 	int i, stored;
 	struct ext4_dir_entry_2 *de;
-	struct super_block *sb;
 	int err;
 	struct inode *inode = filp-&gt;f_path.dentry-&gt;d_inode;
+	struct super_block *sb = inode-&gt;i_sb;
 	int ret = 0;
+	unsigned tail = sb-&gt;s_blocksize;
 
 	sb = inode-&gt;i_sb;
 
@@ -166,8 +167,11 @@ revalidate:
 		 * readdir(2), then we might be pointing to an invalid
 		 * dirent right now.  Scan from the start of the block
 		 * to make sure. */
+		if (tail &gt;  EXT4_DIR_MAX_REC_LEN)
+			tail = EXT4_DIR_MAX_REC_LEN;
+
 		if (filp-&gt;f_version != inode-&gt;i_version) {
-			for (i = 0; i &lt; sb-&gt;s_blocksize &amp;&amp; i &lt; offset; ) {
+			for (i = 0; i &lt; tail &amp;&amp; i &lt; offset; ) {
 				de = (struct ext4_dir_entry_2 *)
 					(bh-&gt;b_data + i);
 				/* It's too expensive to do a full
@@ -188,7 +192,7 @@ revalidate:
 		}
 
 		while (!error &amp;&amp; filp-&gt;f_pos &lt; inode-&gt;i_size
-		       &amp;&amp; offset &lt; sb-&gt;s_blocksize) {
+		       &amp;&amp; offset &lt; tail) {
 			de = (struct ext4_dir_entry_2 *) (bh-&gt;b_data + offset);
 			if (!ext4_check_dir_entry ("ext4_readdir", inode, de,
 						   bh, offset)) {
@@ -225,6 +229,7 @@ revalidate:
 			}
 			filp-&gt;f_pos += le16_to_cpu(de-&gt;r...
[ message continues ]
Previous thread: [patch 2/4] ext2: fix rec_len overflow for 64KB block size by Christoph Lameter on Tuesday, September 25, 2007 - 7:30 pm. (3 messages)

Next thread: [00/17] Virtual Compound Page Support V1 by Christoph Lameter on Tuesday, September 25, 2007 - 7:42 pm. (1 message)

Mail archive search
Enter your search terms.
Optionally limit your search to a specific mailing list.
advanced
Recent Tags
more tags
Colocation donated by:
Who's online
There are currently 3 users and 1044 guests online.

Online users

Syndicate
Syndicate content
© 2007 KernelTrap.  |  Powered by Drupal.  |  Legal statement.
speck-geostationary