From: Eric Sandeen
Subject: Re: [PATCH] : make sure the buffer head members are zeroed out before using them.
Date: Sun, 25 Jan 2009 10:15:58 -0600
Message-ID: <497C903E.5080108@redhat.com>
Cc: ext4, "Theodore Ts'o", cmm@us.ibm.com
To: Manish Katiyar

Manish Katiyar wrote:
> On Tue, Jan 20, 2009 at 10:36 PM, Manish Katiyar wrote:
>> ext2_quota_read doesn't bzeroes tmp_bh before calling ext2_get_block()
>> where we access the b_size of it. Since it is a local variable it
>> might contain some garbage. Make sure it is filled with zero before
>> passing.
>
> Hi Ted/mingming,
>
> Any feedback on this ??

This looks ok to me, Manish.

I'm curious, did you see this fail in real life, and if so, what'd the failure look like?

With the change, the tmp_bh bh_size is 0, so maxblocks down the get_block path is also 0, but I guess that works out ok.

-Eric

> Thanks -
> Manish
>
>> Signed-off-by : Manish Katiyar
>> --- >> fs/ext2/super.c | 4 ++-- >> 1 files changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/fs/ext2/super.c b/fs/ext2/super.c >> index da8bdea..d10aa44 100644 >> --- a/fs/ext2/super.c >> +++ b/fs/ext2/super.c >> @@ -1327,7 +1327,7 @@ static ssize_t ext2_quota_read(struct >> super_block *sb, int type, char *data, >> tocopy = sb->s_blocksize - offset < toread ? >> sb->s_blocksize - offset : toread; >> >> - tmp_bh.b_state = 0; >> + memset(&tmp_bh, 0, sizeof(struct buffer_head)); >> err = ext2_get_block(inode, blk, &tmp_bh, 0); >> if (err < 0) >> return err; 
>> @@ -1366,7 +1366,7 @@ static ssize_t ext2_quota_write(struct >> super_block *sb, int type, >> tocopy = sb->s_blocksize - offset < towrite ? >> sb->s_blocksize - offset : towrite; >> >> - tmp_bh.b_state = 0; >> + memset(&tmp_bh, 0, sizeof(struct buffer_head)); >> err = ext2_get_block(inode, blk, &tmp_bh, 1); >> if (err < 0) >> goto out; >> -- >> 1.5.4.3
>>
>>
>> Thanks -
>> Manish
>>
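
Review bot: in the ext2_quota_read hunk (@@ -1327), the memset leaves tmp_bh.b_size at 0 on the line directly before ext2_get_block(inode, blk, &tmp_bh, 0), so the field the commit message says the callee reads goes from uninitialized to a zero length rather than to a meaningful one, which is what Eric's reply points out. Set the size explicitly after clearing, for example tmp_bh.b_size = sb->s_blocksize; since the surrounding lines already work in units of sb->s_blocksize, and say in the commit message what value the callee is expected to see.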
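
Review bot: in the ext2_quota_write hunk (@@ -1366), sizeof(struct buffer_head) repeats the type of tmp_bh by hand; memset(&tmp_bh, 0, sizeof(tmp_bh)); stays correct if the declaration ever changes, and the same applies to the read-side hunk. This call passes create = 1 with b_size zeroed, so the size should be set explicitly here as well. Both @@ headers are also wrapped across two lines (the break falls after "(struct"), so the patch was line-wrapped by the mailer and will not apply as sent; resend with wrapping disabled.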