From: Xi Wang <xi.wang@gmail.com>
To: David Woodhouse <dwmw2@infradead.org>
Cc: linux-mtd@lists.infradead.org, Xi Wang <xi.wang@gmail.com>
Subject: [PATCH] jffs2: refactor csize in jffs2_do_read_inode_internal()
Date: Mon, 9 Apr 2012 18:42:59 -0400 [thread overview]
Message-ID: <1334011379-24445-1-git-send-email-xi.wang@gmail.com> (raw)
Replace the verbose `je32_to_cpu(latest_node->csize)' with a shorter
variable `csize'.
Also check for a bogus `csize' value 0xffffffff, which would turn the
subsequent kmalloc(cisze + 1, ...) into kmalloc(0, ...).
Signed-off-by: Xi Wang <xi.wang@gmail.com>
---
fs/jffs2/readinode.c | 17 +++++++++++------
1 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/fs/jffs2/readinode.c b/fs/jffs2/readinode.c
index dc0437e..2be7a8e 100644
--- a/fs/jffs2/readinode.c
+++ b/fs/jffs2/readinode.c
@@ -1266,19 +1266,24 @@ static int jffs2_do_read_inode_internal(struct jffs2_sb_info *c,
/* Symlink's inode data is the target path. Read it and
* keep in RAM to facilitate quick follow symlink
* operation. */
- f->target = kmalloc(je32_to_cpu(latest_node->csize) + 1, GFP_KERNEL);
+ uint32_t csize = je32_to_cpu(latest_node->csize);
+ /* Avoid overflowing csize + 1. */
+ if (csize > INT_MAX)
+ f->target = 0;
+ else
+ f->target = kmalloc(csize + 1, GFP_KERNEL);
if (!f->target) {
- JFFS2_ERROR("can't allocate %d bytes of memory for the symlink target path cache\n", je32_to_cpu(latest_node->csize));
+ JFFS2_ERROR("can't allocate %u bytes of memory for the symlink target path cache\n", csize);
mutex_unlock(&f->sem);
jffs2_do_clear_inode(c, f);
return -ENOMEM;
}
ret = jffs2_flash_read(c, ref_offset(rii.latest_ref) + sizeof(*latest_node),
- je32_to_cpu(latest_node->csize), &retlen, (char *)f->target);
+ csize, &retlen, (char *)f->target);
- if (ret || retlen != je32_to_cpu(latest_node->csize)) {
- if (retlen != je32_to_cpu(latest_node->csize))
+ if (ret || retlen != csize) {
+ if (retlen != csize)
ret = -EIO;
kfree(f->target);
f->target = NULL;
@@ -1287,7 +1292,7 @@ static int jffs2_do_read_inode_internal(struct jffs2_sb_info *c,
return ret;
}
- f->target[je32_to_cpu(latest_node->csize)] = '\0';
+ f->target[csize] = '\0';
dbg_readinode("symlink's target '%s' cached\n", f->target);
}
--
1.7.5.4
next reply other threads:[~2012-04-09 22:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-09 22:42 Xi Wang [this message]
2012-04-21 14:12 ` [PATCH] jffs2: refactor csize in jffs2_do_read_inode_internal() Artem Bityutskiy
2012-04-21 16:44 ` Xi Wang
2012-04-22 11:57 ` Artem Bityutskiy
2012-04-23 5:43 ` Xi Wang
2012-04-23 6:00 ` Artem Bityutskiy
2012-04-23 6:58 ` Xi Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1334011379-24445-1-git-send-email-xi.wang@gmail.com \
--to=xi.wang@gmail.com \
--cc=dwmw2@infradead.org \
--cc=linux-mtd@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.