* [patch] ext4: off by one check in ext4_groupinfo_create_slab()
@ 2011-02-09 23:24 Dan Carpenter
2011-02-10 0:12 ` Eric Sandeen
2011-02-11 0:00 ` Ted Ts'o
0 siblings, 2 replies; 3+ messages in thread
From: Dan Carpenter @ 2011-02-09 23:24 UTC (permalink / raw)
To: Theodore Ts'o, sandeen; +Cc: Andreas Dilger, linux-ext4, kernel-janitors
If cache_index == NR_GRPINFO_CACHES then we read past the end of the
ext4_groupinfo_caches[] array a couple lines later.
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index 02cff4a..d1fe09a 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -2438,7 +2438,7 @@ static int ext4_groupinfo_create_slab(size_t size)
int cache_index = blocksize_bits - EXT4_MIN_BLOCK_LOG_SIZE;
struct kmem_cache *cachep;
- if (cache_index > NR_GRPINFO_CACHES)
+ if (cache_index >= NR_GRPINFO_CACHES)
return -EINVAL;
if (unlikely(cache_index < 0))
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [patch] ext4: off by one check in ext4_groupinfo_create_slab()
2011-02-09 23:24 [patch] ext4: off by one check in ext4_groupinfo_create_slab() Dan Carpenter
@ 2011-02-10 0:12 ` Eric Sandeen
2011-02-11 0:00 ` Ted Ts'o
1 sibling, 0 replies; 3+ messages in thread
From: Eric Sandeen @ 2011-02-10 0:12 UTC (permalink / raw)
To: Dan Carpenter
Cc: Theodore Ts'o, Andreas Dilger, linux-ext4, kernel-janitors
On 2/9/11 5:24 PM, Dan Carpenter wrote:
> If cache_index == NR_GRPINFO_CACHES then we read past the end of the
> ext4_groupinfo_caches[] array a couple lines later.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Argh, you'd think I could cut and paste from jbd2 better :(
Thanks,
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
> diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
> index 02cff4a..d1fe09a 100644
> --- a/fs/ext4/mballoc.c
> +++ b/fs/ext4/mballoc.c
> @@ -2438,7 +2438,7 @@ static int ext4_groupinfo_create_slab(size_t size)
> int cache_index = blocksize_bits - EXT4_MIN_BLOCK_LOG_SIZE;
> struct kmem_cache *cachep;
>
> - if (cache_index > NR_GRPINFO_CACHES)
> + if (cache_index >= NR_GRPINFO_CACHES)
> return -EINVAL;
>
> if (unlikely(cache_index < 0))
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [patch] ext4: off by one check in ext4_groupinfo_create_slab()
2011-02-09 23:24 [patch] ext4: off by one check in ext4_groupinfo_create_slab() Dan Carpenter
2011-02-10 0:12 ` Eric Sandeen
@ 2011-02-11 0:00 ` Ted Ts'o
1 sibling, 0 replies; 3+ messages in thread
From: Ted Ts'o @ 2011-02-11 0:00 UTC (permalink / raw)
To: Dan Carpenter; +Cc: sandeen, Andreas Dilger, linux-ext4, kernel-janitors
On Thu, Feb 10, 2011 at 02:24:12AM +0300, Dan Carpenter wrote:
> If cache_index == NR_GRPINFO_CACHES then we read past the end of the
> ext4_groupinfo_caches[] array a couple lines later.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Oops, thanks for pointing that out!
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
- Ted
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-02-11 0:00 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-02-09 23:24 [patch] ext4: off by one check in ext4_groupinfo_create_slab() Dan Carpenter
2011-02-10 0:12 ` Eric Sandeen
2011-02-11 0:00 ` Ted Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).