diff options
| author | Gabriel de Perthuis | 2012-10-10 16:50:47 +0200 |
|---|---|---|
| committer | Chris Mason | 2012-10-25 21:39:47 +0200 |
| commit | 661bec6ba884b86517ef5ea529aabb281a7198d9 (patch) | |
| tree | 22881cdc9bf3d67c78ee07b24195885b0f0f223f /fs/btrfs | |
| parent | btrfs: init ref_index to zero in add_inode_ref (diff) | |
| download | kernel-qcow2-linux-661bec6ba884b86517ef5ea529aabb281a7198d9.tar.gz kernel-qcow2-linux-661bec6ba884b86517ef5ea529aabb281a7198d9.tar.xz kernel-qcow2-linux-661bec6ba884b86517ef5ea529aabb281a7198d9.zip | |
Fix a sign bug causing invalid memory access in the ino_paths ioctl.
To see the problem, create many hardlinks to the same file (120 should do it),
then look up paths by inode with:
ls -i
btrfs inspect inode-resolve -v $ino /mnt/btrfs
I noticed the memory layout of the fspath->val data had some irregularities
(some unnecessary gaps that stop appearing about halfway),
so I'm not sure there aren't any bugs left in it.
Diffstat (limited to 'fs/btrfs')
| -rw-r--r-- | fs/btrfs/backref.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c index f3187938e081..2bcbea3f6308 100644 --- a/fs/btrfs/backref.c +++ b/fs/btrfs/backref.c @@ -1186,7 +1186,7 @@ static char *ref_to_path(struct btrfs_root *fs_root, int slot; u64 next_inum; int ret; - s64 bytes_left = size - 1; + s64 bytes_left = ((s64)size) - 1; struct extent_buffer *eb = eb_in; struct btrfs_key found_key; int leave_spinning = path->leave_spinning; |