1. 09 11月, 2011 1 次提交
    • C
      xfs: Fix possible memory corruption in xfs_readlink · b52a360b
      Carlos Maiolino 提交于
      Fixes a possible memory corruption when the link is larger than
      MAXPATHLEN and XFS_DEBUG is not enabled. This also remove the
      S_ISLNK assert, since the inode mode is checked previously in
      xfs_readlink_by_handle() and via VFS.
      
      Updated to address concerns raised by Ben Hutchings about the loose
      attention paid to 32- vs 64-bit values, and the lack of handling a
      potentially negative pathlen value:
       - Changed type of "pathlen" to be xfs_fsize_t, to match that of
         ip->i_d.di_size
       - Added checking for a negative pathlen to the too-long pathlen
         test, and generalized the message that gets reported in that case
         to reflect the change
      As a result, if a negative pathlen were encountered, this function
      would return EFSCORRUPTED (and would fail an assertion for a debug
      build)--just as would a too-long pathlen.
      Signed-off-by: NAlex Elder <aelder@sgi.com>
      Signed-off-by: NCarlos Maiolino <cmaiolino@redhat.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      b52a360b
  2. 08 11月, 2011 28 次提交
  3. 07 11月, 2011 11 次提交