Ensure link targets are NUL-terminated, even if corrupted on-disk.
Signed-off-by: Duane Griffin <[email protected]>
---
V2: terminate when the link is read instead of every time it is
followed, as suggested by Dave Kleikamp.
diff --git a/fs/sysv/inode.c b/fs/sysv/inode.c
index df0d435..1511228 100644
--- a/fs/sysv/inode.c
+++ b/fs/sysv/inode.c
@@ -163,8 +163,10 @@ void sysv_set_inode(struct inode *inode, dev_t rdev)
if (inode->i_blocks) {
inode->i_op = &sysv_symlink_inode_operations;
inode->i_mapping->a_ops = &sysv_aops;
- } else
+ } else {
inode->i_op = &sysv_fast_symlink_inode_operations;
+ ((char *) SYSV_I(inode)->i_data)[inode->i_size] = '\0';
+ }
} else
init_special_inode(inode, inode->i_mode, rdev);
}
--
"I never could learn to drink that blood and call it wine" - Bob Dylan
On Thu, Dec 11, 2008 at 10:35:32PM +0000, Duane Griffin wrote:
> Ensure link targets are NUL-terminated, even if corrupted on-disk.
>
> Signed-off-by: Duane Griffin <[email protected]>
> ---
>
> V2: terminate when the link is read instead of every time it is
> followed, as suggested by Dave Kleikamp.
>
> diff --git a/fs/sysv/inode.c b/fs/sysv/inode.c
> index df0d435..1511228 100644
> --- a/fs/sysv/inode.c
> +++ b/fs/sysv/inode.c
> @@ -163,8 +163,10 @@ void sysv_set_inode(struct inode *inode, dev_t rdev)
> if (inode->i_blocks) {
> inode->i_op = &sysv_symlink_inode_operations;
> inode->i_mapping->a_ops = &sysv_aops;
> - } else
> + } else {
> inode->i_op = &sysv_fast_symlink_inode_operations;
> + ((char *) SYSV_I(inode)->i_data)[inode->i_size] = '\0';
If you do it that way, you want to verify that i_size is bounded. Better yet,
add a helper for that (taking void *, len, max_len)