From: Ted Ts'o <tytso@mit.edu>
To: Namhyung Kim <namhyung@gmail.com>
Cc: linux-ext4@vger.kernel.org
Subject: Re: [PATCH 07/15] libext2fs: fix error path in ext2fs_update_bb_inode()
Date: Mon, 20 Dec 2010 11:01:16 -0500 [thread overview]
Message-ID: <20101220160116.GN23626@thunk.org> (raw)
In-Reply-To: <1291020917-8671-8-git-send-email-namhyung@gmail.com>
On Mon, Nov 29, 2010 at 05:55:09PM +0900, Namhyung Kim wrote:
> If ext2fs_get_mem() on rec.block_buf fails we should not call
> ext2fs_free_mem() on it.
>
> Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Thanks for pointing this out. I fixed this in a slightly simpler way.
- Ted
commit 2150278fa25f3fe8b8f29835ccd3079b608bb825
Author: Theodore Ts'o <tytso@mit.edu>
Date: Mon Dec 20 10:57:29 2010 -0500
libext2fs: fix potential free() of garbage in ext2fs_update_bb_inode()
There was a potential of freeing an uninitialized pointer in
rec.block_buf, which was pointed out by Namhyung Kim <namhyung@gmail.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
diff --git a/lib/ext2fs/bb_inode.c b/lib/ext2fs/bb_inode.c
index 0b79b16..0b6c3dd 100644
--- a/lib/ext2fs/bb_inode.c
+++ b/lib/ext2fs/bb_inode.c
@@ -65,8 +65,7 @@ errcode_t ext2fs_update_bb_inode(ext2_filsys fs, ext2_badblocks_list bb_list)
if (!fs->block_map)
return EXT2_ET_NO_BLOCK_BITMAP;
- rec.bad_block_count = 0;
- rec.ind_blocks_size = rec.ind_blocks_ptr = 0;
+ memset(&rec, 0, sizeof(rec));
rec.max_ind_blocks = 10;
retval = ext2fs_get_array(rec.max_ind_blocks, sizeof(blk_t),
&rec.ind_blocks);
next prev parent reply other threads:[~2010-12-20 16:01 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-29 8:55 [PATCH 00/15] e2fsprogs cleanups Namhyung Kim
2010-11-29 8:55 ` [PATCH 01/15 RESEND] libext2fs: fix potential build failure with OMIT_COM_ERR Namhyung Kim
2010-12-20 15:04 ` [01/15, " Ted Ts'o
2010-11-29 8:55 ` [PATCH 02/15 RESEND] libext2fs: fix dubious code in ext2fs_numeric_progress_init() Namhyung Kim
2010-12-20 15:04 ` [02/15, " Ted Ts'o
2010-11-29 8:55 ` [PATCH 03/15] mke2fs: simplify inode table block counting Namhyung Kim
2010-11-30 12:01 ` Lukas Czerner
2010-12-01 11:49 ` Namhyung Kim
2010-12-20 15:44 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 04/15] libext2fs: remove unnecessary casts to ext2fs_generic_bitmap Namhyung Kim
2010-12-20 15:50 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 05/15] libext2fs: fix dubious code in ext2fs_unmark_generic_bitmap() Namhyung Kim
2010-12-20 15:54 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 06/15] libext2fs: invalid EXT4_FEATURE_RO_COMPAT_HUGE_FILE checks Namhyung Kim
2010-12-20 15:55 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 07/15] libext2fs: fix error path in ext2fs_update_bb_inode() Namhyung Kim
2010-12-20 16:01 ` Ted Ts'o [this message]
2010-11-29 8:55 ` [PATCH 08/15] libext2fs: fix memory leak on error path Namhyung Kim
2010-11-30 12:23 ` Lukas Czerner
2010-12-21 23:06 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 09/15] mke2fs: check return value of e2p_os2string() Namhyung Kim
2010-12-21 23:13 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 10/15] mke2fs.8.in: add missing "big" and "huge" usage-type description Namhyung Kim
2010-12-21 23:45 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 11/15] mke2fs: fix determination of size_type Namhyung Kim
2010-11-30 12:33 ` Lukas Czerner
2010-12-01 12:37 ` Namhyung Kim
2010-12-01 15:46 ` Lukas Czerner
2010-12-21 23:45 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 12/15] mke2fs: add some error checks into PRS() Namhyung Kim
2010-11-30 12:46 ` Lukas Czerner
2010-12-01 12:03 ` Namhyung Kim
2010-12-16 9:40 ` [PATCH v2 " Namhyung Kim
2010-12-16 12:19 ` Lukas Czerner
2010-12-22 1:34 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 13/15] mke2fs: fix potential memory leak in mke2fs_setup_tdb() Namhyung Kim
2010-11-30 13:02 ` Lukas Czerner
2010-12-01 12:32 ` Namhyung Kim
2010-12-16 9:42 ` [PATCH v2 " Namhyung Kim
2010-12-16 12:21 ` Lukas Czerner
2010-11-29 8:55 ` [PATCH 14/15] libext2fs: fix possible memory leak in write_journal_inode() Namhyung Kim
2010-12-22 15:43 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 15/15] mke2fs.8.in: add ENVIRONMENT section Namhyung Kim
2010-12-22 15:43 ` Ted Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101220160116.GN23626@thunk.org \
--to=tytso@mit.edu \
--cc=linux-ext4@vger.kernel.org \
--cc=namhyung@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).