linux-ext4.vger.kernel.org archive mirror
From: Theodore Tso <tytso@mit.edu>
To: roel kluin <roel.kluin@gmail.com>
Cc: davidsen@tmr.com, adilger@sun.com, linux-ext4@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] ext3, ext4: do_split() fix loop, with obvious unsigned wrap
Date: Tue, 2 Dec 2008 08:24:41 -0500
Message-ID: <20081202132441.GC16172@mit.edu>
In-Reply-To: <49343AD9.4020606@gmail.com>

On Mon, Dec 01, 2008 at 02:28:25PM -0500, roel kluin wrote:
> Fix loop, with obvious unsigned wrap
> 
> Signed-off-by: Roel Kluin <roel.kluin@gmail.com>

Um, no.  Sorry, I didn't have a chance to reply earlier but this is
obviously wrong.

> ---
> diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c
> index 3e5edc9..b0dcfb3 100644
> --- a/fs/ext3/namei.c
> +++ b/fs/ext3/namei.c
> @@ -1188,7 +1188,7 @@ static struct ext3_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
>  	/* Split the existing block in the middle, size-wise */
>  	size = 0;
>  	move = 0;
> -	for (i = count-1; i >= 0; i--) {
> +	for (i = count; i--; ) {
>  		/* is more than half of this entry in 2nd half of the block? */
>  		if (size + map[i].size/2 > blocksize/2)
>  			break;
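
Review bot: the new header `for (i = count; i--; )` moves the index arithmetic into the loop condition while the body still indexes `map[i]`, and the one-line changelog does not explain why that is safe. With the post-decrement test, i is decremented before the body runs, so `map[i].size` is read for count-1 down to 0 as before; but when the loop runs out without reaching the `break`, i ends one below zero (wrapped, if i is unsigned as the subject line implies), and both the declaration of i and any later use of it lie outside this hunk. A form that keeps the bound visible, for example testing `i > 0` and decrementing as the first statement of the body, would be easier to verify, and the commit message should name the type of i and say what goes wrong with the `i >= 0` test.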

Note that i is actually **used** in the loop?  So changing the
starting value of the counter without also adjusting all of the places
where i is used will cause the code to break, and in hard to find
ways...

Given that there are two loop termination conditions, and in fact the
one in the loop is the one that actually gets used 99% of the time
(which is why we've never noticed the problem in real life), probably
the best way of handling this is to recast it not as a for loop, but
as a while loop.

						- Ted
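
A while-loop form of the split-size scan discussed above, as an added example that is not code from this thread or from the kernel tree. It assumes an unsigned index (as the patch subject implies); `struct map_entry` and `entries_to_move()` are hypothetical names that model only the `size` field the quoted loop reads.

```c
#include <stdio.h>

/* Hypothetical stand-in for the directory map entries; only the size
 * field read by the quoted loop is modelled. */
struct map_entry {
	unsigned size;
};

/*
 * Count how many entries, taken from the end of map[], would move to the
 * second block. Assumption: count and the index are unsigned. The index
 * is tested before it is decremented, so it never drops below zero and
 * map[] is never read out of bounds, whether the loop ends through the
 * size check or by running out of entries.
 */
static unsigned entries_to_move(const struct map_entry *map, unsigned count,
				unsigned blocksize)
{
	unsigned size = 0, move = 0;
	unsigned i = count;

	while (i > 0) {
		i--;	/* now a valid index: count-1 down to 0 */
		/* is more than half of this entry in 2nd half of the block? */
		if (size + map[i].size / 2 > blocksize / 2)
			break;
		size += map[i].size;
		move++;
	}
	return move;
}

int main(void)
{
	/* Constructed sample data, not taken from a real directory block. */
	struct map_entry big[] = { {400}, {300}, {200}, {100} };
	struct map_entry small[] = { {8}, {8}, {8} };

	printf("%u\n", entries_to_move(big, 4, 1024));   /* size check ends the loop */
	printf("%u\n", entries_to_move(small, 3, 1024)); /* index reaches zero */
	printf("%u\n", entries_to_move(small, 0, 1024)); /* empty map */
	return 0;
}
```

The second and third calls exercise the termination path that an always-true `i >= 0` test on an unsigned index would never take.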
