Commit 661bec6b authored by Gabriel de Perthuis's avatar Gabriel de Perthuis Committed by Chris Mason

Fix a sign bug causing invalid memory access in the ino_paths ioctl.

To see the problem, create many hardlinks to the same file (120 should do it),
then look up paths by inode with:

  ls -i
  btrfs inspect inode-resolve -v $ino /mnt/btrfs

I noticed the memory layout of the fspath->val data had some irregularities
(some unnecessary gaps that stop appearing about halfway),
so I'm not sure there aren't any bugs left in it.
parent f46dbe3d
...@@ -1186,7 +1186,7 @@ static char *ref_to_path(struct btrfs_root *fs_root, ...@@ -1186,7 +1186,7 @@ static char *ref_to_path(struct btrfs_root *fs_root,
int slot; int slot;
u64 next_inum; u64 next_inum;
int ret; int ret;
s64 bytes_left = size - 1; s64 bytes_left = ((s64)size) - 1;
struct extent_buffer *eb = eb_in; struct extent_buffer *eb = eb_in;
struct btrfs_key found_key; struct btrfs_key found_key;
int leave_spinning = path->leave_spinning; int leave_spinning = path->leave_spinning;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment