projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2ad8ee7)
[JFFS2] Fix buffer length calculations in jffs2_get_inode_nodes()
authorArtem Bityutskiy <Artem.Bityutskiy@nokia.com>
Wed, 30 May 2007 09:08:14 +0000 (12:08 +0300)
committerDavid Woodhouse <dwmw2@infradead.org>
Fri, 1 Jun 2007 12:20:29 +0000 (13:20 +0100)
If we have already read enough bytes, no need to call read_more().

Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
fs/jffs2/readinode.c patch | blob | blame | history

diff --git a/fs/jffs2/readinode.c b/fs/jffs2/readinode.c
index 4884d5edfe658282d626c6674497231a9ff4d20a..5663e8c7a959aff84168454da182b1409829799c 100644 (file)
--- a/fs/jffs2/readinode.c
+++ b/fs/jffs2/readinode.c
@@ -1044,7 +1044,8 @@ static int jffs2_get_inode_nodes(struct jffs2_sb_info *c, struct jffs2_inode_inf
 
                case JFFS2_NODETYPE_DIRENT:
 
-                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_dirent)) {
+                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_dirent) &&
+                           len < sizeof(struct jffs2_raw_dirent)) {
                                err = read_more(c, ref, sizeof(struct jffs2_raw_dirent), &len, buf);
                                if (unlikely(err))
                                        goto free_out;
@@ -1058,7 +1059,8 @@ static int jffs2_get_inode_nodes(struct jffs2_sb_info *c, struct jffs2_inode_inf
 
                case JFFS2_NODETYPE_INODE:
 
-                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_inode)) {
+                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_raw_inode) &&
+                           len < sizeof(struct jffs2_raw_inode)) {
                                err = read_more(c, ref, sizeof(struct jffs2_raw_inode), &len, buf);
                                if (unlikely(err))
                                        goto free_out;
@@ -1071,7 +1073,8 @@ static int jffs2_get_inode_nodes(struct jffs2_sb_info *c, struct jffs2_inode_inf
                        break;
 
                default:
-                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_unknown_node)) {
+                       if (JFFS2_MIN_NODE_HEADER < sizeof(struct jffs2_unknown_node) &&
+                           len < sizeof(struct jffs2_unknown_node)) {
                                err = read_more(c, ref, sizeof(struct jffs2_unknown_node), &len, buf);
                                if (unlikely(err))
                                        goto free_out;