2008-12-11 22:36:27

by Duane Griffin

Subject: [PATCH, v2] ufs: ensure link targets are NUL-terminated

Ensure link targets are NUL-terminated, even if corrupted on-disk.

Signed-off-by: Duane Griffin <[email protected]>
---

V2: terminate when the link is read instead of every time it is
followed, as suggested by Dave Kleikamp.

diff --git a/fs/ufs/inode.c b/fs/ufs/inode.c
index 39f8778..a22f64d 100644
--- a/fs/ufs/inode.c
+++ b/fs/ufs/inode.c
@@ -606,9 +606,11 @@ static void ufs_set_inode_ops(struct inode *inode)
inode->i_fop = &ufs_dir_operations;
inode->i_mapping->a_ops = &ufs_aops;
} else if (S_ISLNK(inode->i_mode)) {
- if (!inode->i_blocks)
+ if (!inode->i_blocks) {
+ char *link = UFS_I(inode)->i_u1.i_symlink;
inode->i_op = &ufs_fast_symlink_inode_operations;
- else {
+ link[inode->i_size] = '\0';
+ } else {
inode->i_op = &page_symlink_inode_operations;
inode->i_mapping->a_ops = &ufs_aops;
}
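Review bot: `link[inode->i_size] = '\0';` uses i_size as an index with no upper bound check, although the commit message says the on-disk data may be corrupted. An i_size larger than the i_symlink buffer would place the terminator outside it. Suggest checking i_size against the size of i_u1.i_symlink minus one before the store, and either clamping the index or treating the inode as bad when it does not fit.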
--
"I never could learn to drink that blood and call it wine" - Bob Dylan


2008-12-14 23:02:04

by Evgeniy Dushistov

Subject: Re: [PATCH, v2] ufs: ensure link targets are NUL-terminated

On Thu, Dec 11, 2008 at 10:36:08PM +0000, Duane Griffin wrote:
> Ensure link targets are NUL-terminated, even if corrupted on-disk.
>
> Signed-off-by: Duane Griffin <[email protected]>
> ---
>
> V2: terminate when the link is read instead of every time it is
> followed, as suggested by Dave Kleikamp.
>
> diff --git a/fs/ufs/inode.c b/fs/ufs/inode.c
> index 39f8778..a22f64d 100644
> --- a/fs/ufs/inode.c
> +++ b/fs/ufs/inode.c
> @@ -606,9 +606,11 @@ static void ufs_set_inode_ops(struct inode *inode)
> inode->i_fop = &ufs_dir_operations;
> inode->i_mapping->a_ops = &ufs_aops;
> } else if (S_ISLNK(inode->i_mode)) {
> - if (!inode->i_blocks)
> + if (!inode->i_blocks) {
> + char *link = UFS_I(inode)->i_u1.i_symlink;
> inode->i_op = &ufs_fast_symlink_inode_operations;
> - else {
> + link[inode->i_size] = '\0';
> + } else {
> inode->i_op = &page_symlink_inode_operations;
> inode->i_mapping->a_ops = &ufs_aops;
> }
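Review bot: the else branch that selects page_symlink_inode_operations is only re-braced, so the termination added here covers fast symlinks held in i_u1.i_symlink and nothing else, while the commit message speaks of link targets in general. Suggest saying in the changelog whether block-backed symlinks are handled elsewhere or are out of scope for this patch.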

If we are talking about a corrupted file system, maybe also ensure
that inode->i_size <= sizeof(i_u1)-1 before writing '\0' to it.

--
/Evgeniy