Commit 934eed39 authored by Joern Engel's avatar Joern Engel Committed by Prasad Joshi

logfs: Prevent memory corruption

This is a bad one.  I wonder whether we were so far protected by
no_free_segments(sb) usually being smaller than LOGFS_NO_AREAS.

Found by Dan Carpenter <dan.carpenter@oracle.com> using smatch.
Signed-off-by: default avatarJoern Engel <joern@logfs.org>
Signed-off-by: default avatarPrasad Joshi <prasadjoshi.linux@gmail.com>
parent 96150606
...@@ -367,7 +367,7 @@ static struct gc_candidate *get_candidate(struct super_block *sb) ...@@ -367,7 +367,7 @@ static struct gc_candidate *get_candidate(struct super_block *sb)
int i, max_dist; int i, max_dist;
struct gc_candidate *cand = NULL, *this; struct gc_candidate *cand = NULL, *this;
max_dist = min(no_free_segments(sb), LOGFS_NO_AREAS); max_dist = min(no_free_segments(sb), LOGFS_NO_AREAS - 1);
for (i = max_dist; i >= 0; i--) { for (i = max_dist; i >= 0; i--) {
this = first_in_list(&super->s_low_list[i]); this = first_in_list(&super->s_low_list[i]);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment