diff options
Diffstat (limited to 'fs/hfsplus/bfind.c')
| -rw-r--r-- | fs/hfsplus/bfind.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/fs/hfsplus/bfind.c b/fs/hfsplus/bfind.c index 5007a41f1be9..d182438c7ae4 100644 --- a/fs/hfsplus/bfind.c +++ b/fs/hfsplus/bfind.c | |||
| @@ -23,7 +23,7 @@ int hfs_find_init(struct hfs_btree *tree, struct hfs_find_data *fd) | |||
| 23 | fd->search_key = ptr; | 23 | fd->search_key = ptr; |
| 24 | fd->key = ptr + tree->max_key_len + 2; | 24 | fd->key = ptr + tree->max_key_len + 2; |
| 25 | dprint(DBG_BNODE_REFS, "find_init: %d (%p)\n", tree->cnid, __builtin_return_address(0)); | 25 | dprint(DBG_BNODE_REFS, "find_init: %d (%p)\n", tree->cnid, __builtin_return_address(0)); |
| 26 | down(&tree->tree_lock); | 26 | mutex_lock(&tree->tree_lock); |
| 27 | return 0; | 27 | return 0; |
| 28 | } | 28 | } |
| 29 | 29 | ||
| @@ -32,7 +32,7 @@ void hfs_find_exit(struct hfs_find_data *fd) | |||
| 32 | hfs_bnode_put(fd->bnode); | 32 | hfs_bnode_put(fd->bnode); |
| 33 | kfree(fd->search_key); | 33 | kfree(fd->search_key); |
| 34 | dprint(DBG_BNODE_REFS, "find_exit: %d (%p)\n", fd->tree->cnid, __builtin_return_address(0)); | 34 | dprint(DBG_BNODE_REFS, "find_exit: %d (%p)\n", fd->tree->cnid, __builtin_return_address(0)); |
| 35 | up(&fd->tree->tree_lock); | 35 | mutex_unlock(&fd->tree->tree_lock); |
| 36 | fd->tree = NULL; | 36 | fd->tree = NULL; |
| 37 | } | 37 | } |
| 38 | 38 | ||
| @@ -52,6 +52,10 @@ int __hfs_brec_find(struct hfs_bnode *bnode, struct hfs_find_data *fd) | |||
| 52 | rec = (e + b) / 2; | 52 | rec = (e + b) / 2; |
| 53 | len = hfs_brec_lenoff(bnode, rec, &off); | 53 | len = hfs_brec_lenoff(bnode, rec, &off); |
| 54 | keylen = hfs_brec_keylen(bnode, rec); | 54 | keylen = hfs_brec_keylen(bnode, rec); |
| 55 | if (keylen == 0) { | ||
| 56 | res = -EINVAL; | ||
| 57 | goto fail; | ||
| 58 | } | ||
| 55 | hfs_bnode_read(bnode, fd->key, off, keylen); | 59 | hfs_bnode_read(bnode, fd->key, off, keylen); |
| 56 | cmpval = bnode->tree->keycmp(fd->key, fd->search_key); | 60 | cmpval = bnode->tree->keycmp(fd->key, fd->search_key); |
| 57 | if (!cmpval) { | 61 | if (!cmpval) { |
| @@ -67,6 +71,10 @@ int __hfs_brec_find(struct hfs_bnode *bnode, struct hfs_find_data *fd) | |||
| 67 | if (rec != e && e >= 0) { | 71 | if (rec != e && e >= 0) { |
| 68 | len = hfs_brec_lenoff(bnode, e, &off); | 72 | len = hfs_brec_lenoff(bnode, e, &off); |
| 69 | keylen = hfs_brec_keylen(bnode, e); | 73 | keylen = hfs_brec_keylen(bnode, e); |
| 74 | if (keylen == 0) { | ||
| 75 | res = -EINVAL; | ||
| 76 | goto fail; | ||
| 77 | } | ||
| 70 | hfs_bnode_read(bnode, fd->key, off, keylen); | 78 | hfs_bnode_read(bnode, fd->key, off, keylen); |
| 71 | } | 79 | } |
| 72 | done: | 80 | done: |
| @@ -75,6 +83,7 @@ done: | |||
| 75 | fd->keylength = keylen; | 83 | fd->keylength = keylen; |
| 76 | fd->entryoffset = off + keylen; | 84 | fd->entryoffset = off + keylen; |
| 77 | fd->entrylength = len - keylen; | 85 | fd->entrylength = len - keylen; |
| 86 | fail: | ||
| 78 | return res; | 87 | return res; |
| 79 | } | 88 | } |
| 80 | 89 | ||
| @@ -198,6 +207,10 @@ int hfs_brec_goto(struct hfs_find_data *fd, int cnt) | |||
| 198 | 207 | ||
| 199 | len = hfs_brec_lenoff(bnode, fd->record, &off); | 208 | len = hfs_brec_lenoff(bnode, fd->record, &off); |
| 200 | keylen = hfs_brec_keylen(bnode, fd->record); | 209 | keylen = hfs_brec_keylen(bnode, fd->record); |
| 210 | if (keylen == 0) { | ||
| 211 | res = -EINVAL; | ||
| 212 | goto out; | ||
| 213 | } | ||
| 201 | fd->keyoffset = off; | 214 | fd->keyoffset = off; |
| 202 | fd->keylength = keylen; | 215 | fd->keylength = keylen; |
| 203 | fd->entryoffset = off + keylen; | 216 | fd->entryoffset = off + keylen; |