From: Li Zefan <lizf@cn.fujitsu.com>
To: "linux-btrfs@vger.kernel.org" <linux-btrfs@vger.kernel.org>
Cc: "Ian! D. Allen" <idallen@idallen.ca>
Subject: [PATCH 2/3] Btrfs: Don't return items more than user specified
Date: Mon, 13 Dec 2010 17:50:02 +0800 [thread overview]
Message-ID: <4D05EC4A.8000908@cn.fujitsu.com> (raw)
In-Reply-To: <4D05EBC9.6020908@cn.fujitsu.com>
We check if num_found >= sk->nr_items every time we find an
expected item, but num_found is not incremented, so we may
return items more than the user asked.
Also return -EINVAL if the user specified 0 nr_items.
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
---
fs/btrfs/ioctl.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 785f713..08174e2 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -1053,7 +1053,6 @@ static noinline int copy_to_sk(struct btrfs_root *root,
int nritems;
int i;
int slot;
- int found = 0;
int ret = 0;
leaf = path->nodes[0];
@@ -1100,8 +1099,8 @@ static noinline int copy_to_sk(struct btrfs_root *root,
item_off, item_len);
*sk_offset += item_len;
}
- found++;
+ (*num_found)++;
if (*num_found >= sk->nr_items)
break;
}
@@ -1119,7 +1118,6 @@ advance_key:
} else
ret = 1;
overflow:
- *num_found += found;
return ret;
}
@@ -1136,6 +1134,9 @@ static noinline int search_ioctl(struct inode *inode,
int num_found = 0;
unsigned long sk_offset = 0;
+ if (sk->nr_items == 0)
+ return -EINVAL;
+
path = btrfs_alloc_path();
if (!path)
return -ENOMEM;
--
1.6.3
next prev parent reply other threads:[~2010-12-13 9:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-13 9:47 [PATCH 1/3] Btrfs: Really return keys within specified range Li Zefan
2010-12-13 9:50 ` Li Zefan [this message]
2010-12-13 9:50 ` [PATCH 3/3] Btrfs: Clean up tree search ioctl code Li Zefan
2010-12-13 18:13 ` Bug in the design of the tree search ioctl API ? [was Re: [PATCH 1/3] Btrfs: Really return keys within specified range] Goffredo Baroncelli
2010-12-14 5:37 ` Li Zefan
2010-12-14 18:16 ` Goffredo Baroncelli
2010-12-15 3:33 ` Li Zefan
2010-12-15 6:53 ` Goffredo Baroncelli
2010-12-15 7:13 ` Li Zefan
2010-12-15 18:48 ` Goffredo Baroncelli
2010-12-16 1:03 ` Li Zefan
2010-12-15 16:14 ` Chris Mason
2010-12-15 18:42 ` Goffredo Baroncelli
2010-12-15 18:51 ` Chris Mason
2010-12-15 19:13 ` Goffredo Baroncelli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D05EC4A.8000908@cn.fujitsu.com \
--to=lizf@cn.fujitsu.com \
--cc=idallen@idallen.ca \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).