linux-fsdevel.vger.kernel.org archive mirror
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Al Viro <viro@zeniv.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>
Cc: Jan Kara <jack@suse.cz>, Miklos Szeredi <mszeredi@redhat.com>,
	Bob Copeland <me@bobcopeland.com>,
	Boaz Harrosh <ooo@electrozaur.com>,
	Deepa Dinamani <deepa.kernel@gmail.com>,
	Viacheslav Dubeyko <slava@dubeyko.com>,
	linux-fsdevel@vger.kernel.org, kernel-janitors@vger.kernel.org
Subject: [patch resend] hfs: fix fix hfs_readdir()
Date: Wed, 18 Jan 2017 14:13:20 +0300
Message-ID: <20170118111320.GA23725@mwanda>
In-Reply-To: <1484606094.27533.35.camel@dubeyko.com>

I was looking through static analysis warnings and there is a bug here
that goes all the way back to the start of git.  Basically we're copying
the pointer and nearby garbage instead of the data the fd.key pointer is
pointing to.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
I sent this a year ago, and we had a thread about it, but in the end
decided that the original patch was correct.  Not tested.

diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c
index 5de5c48..75b2542 100644
--- a/fs/hfs/dir.c
+++ b/fs/hfs/dir.c
@@ -169,7 +169,7 @@ static int hfs_readdir(struct file *file, struct dir_context *ctx)
 	 * Can be done after the list insertion; exclusion with
 	 * hfs_delete_cat() is provided by directory lock.
 	 */
-	memcpy(&rd->key, &fd.key, sizeof(struct hfs_cat_key));
+	memcpy(&rd->key, &fd.key->cat, sizeof(struct hfs_cat_key));
 out:
 	hfs_find_exit(&fd);
 	return err;
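Review bot: the changed memcpy() line still passes both arguments as untyped pointers, which is why the original `&fd.key` (the address of the pointer itself) compiled without complaint and, as the commit message says, copied the pointer plus adjacent stack contents into rd->key. If rd->key is a struct hfs_cat_key, as the sizeof argument suggests, a plain struct assignment `rd->key = fd.key->cat;` would make the compiler check both sides and turn this class of mistake into a build error. The copy length is also a fixed sizeof(struct hfs_cat_key) while the lines shown do not say how large the buffer behind fd.key is, so the changelog should confirm that buffer always covers a full struct hfs_cat_key; otherwise the corrected source can still be read past its end. The note under the "---" says "Not tested", and since the saved key is what the comment ties to hfs_delete_cat(), a run that deletes entries from a directory on an HFS image while it is being read would be worth doing before merge. The subject line also has a doubled "fix".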

Thread overview: 8+ messages
2016-01-26  9:26 [patch] hfs: fix hfs_readdir() Dan Carpenter
2016-01-26 18:18 ` Viacheslav Dubeyko
2016-01-26 19:18   ` Dan Carpenter
2016-01-26 21:54     ` Viacheslav Dubeyko
2017-01-16 14:22       ` Dan Carpenter
2017-01-16 22:34         ` Viacheslav Dubeyko
2017-01-18 11:13           ` Dan Carpenter [this message]
2017-01-18 17:28             ` [patch resend] hfs: fix " Viacheslav Dubeyko
