[PATCH] bfs filesystem read past the end of dir

[PATCH] bfs filesystem read past the end of dir

[Jakub Jermar]

Hi,

I found out that BFS filesystem will eventually try to read and interpret garbage past the end of 
directory in bfs_add_entry(). If the garbage (interpreted as i-node number) is not set to zero (does it 
have to be?) bfs_add_entry() will consider it a regular directory entry. 

This causes weird things like this:
# touch a
# rm a
# ls
# touch b
# ls
a

My patch detects an attempt to read past the end of directory and explicitly clears the garbage that 
represents i-node number. Thus the correct behaviour is achieved.

Could you take a look at the patch and share your thoughts?

Thanks,
Jakub

diff -Nru linux-2.6.5/fs/bfs/dir.c linux-2.6.5-bfs-patch/fs/bfs/dir.c
--- linux-2.6.5/fs/bfs/dir.c    2004-04-04 05:38:13.000000000 +0200
+++ linux-2.6.5-bfs-patch/fs/bfs/dir.c  2004-05-05 01:28:41.000000000 +0200
@@ -274,7 +274,7 @@
 {
        struct buffer_head * bh;
        struct bfs_dirent * de;
-       int block, sblock, eblock, off;
+       int block, sblock, eblock, off, eoff;
        int i;

        dprintf("name=%s, namelen=%d\n", name, namelen);
@@ -286,12 +286,17 @@

        sblock = BFS_I(dir)->i_sblock;
        eblock = BFS_I(dir)->i_eblock;
+       eoff = dir->i_size % BFS_BSIZE;
        for (block=sblock; block<=eblock; block++) {
                bh = sb_bread(dir->i_sb, block);
                if(!bh)
                        return -ENOSPC;
                for (off=0; off<BFS_BSIZE; off+=BFS_DIRENT_SIZE) {
                        de = (struct bfs_dirent *)(bh->b_data + off);
+                       if (block==eblock && off>=eoff) {
+                               /* Do not read/interpret the garbage in the end of eblock. */
+                               de->ino = 0;
+                       }
                        if (!de->ino) {
                                if ((block-sblock)*BFS_BSIZE + off >= dir->i_size) {
                                        dir->i_size += BFS_DIRENT_SIZE;