aboutsummaryrefslogtreecommitdiffstats
path: root/fs/jffs2/summary.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/jffs2/summary.c')
-rw-r--r--fs/jffs2/summary.c22
1 files changed, 18 insertions, 4 deletions
diff --git a/fs/jffs2/summary.c b/fs/jffs2/summary.c
index 2a77d3f93029..629af01e5ade 100644
--- a/fs/jffs2/summary.c
+++ b/fs/jffs2/summary.c
@@ -429,6 +429,7 @@ static int jffs2_sum_process_sum_data(struct jffs2_sb_info *c, struct jffs2_eras
429 429
430 case JFFS2_NODETYPE_DIRENT: { 430 case JFFS2_NODETYPE_DIRENT: {
431 struct jffs2_sum_dirent_flash *spd; 431 struct jffs2_sum_dirent_flash *spd;
432 int checkedlen;
432 spd = sp; 433 spd = sp;
433 434
434 dbg_summary("Dirent at 0x%08x-0x%08x\n", 435 dbg_summary("Dirent at 0x%08x-0x%08x\n",
@@ -436,12 +437,25 @@ static int jffs2_sum_process_sum_data(struct jffs2_sb_info *c, struct jffs2_eras
436 jeb->offset + je32_to_cpu(spd->offset) + je32_to_cpu(spd->totlen)); 437 jeb->offset + je32_to_cpu(spd->offset) + je32_to_cpu(spd->totlen));
437 438
438 439
439 fd = jffs2_alloc_full_dirent(spd->nsize+1); 440 /* This should never happen, but https://dev.laptop.org/ticket/4184 */
441 checkedlen = strnlen(spd->name, spd->nsize);
442 if (!checkedlen) {
443 printk(KERN_ERR "Dirent at %08x has zero at start of name. Aborting mount.\n",
444 jeb->offset + je32_to_cpu(spd->offset));
445 return -EIO;
446 }
447 if (checkedlen < spd->nsize) {
448 printk(KERN_ERR "Dirent at %08x has zeroes in name. Truncating to %d chars\n",
449 jeb->offset + je32_to_cpu(spd->offset), checkedlen);
450 }
451
452
453 fd = jffs2_alloc_full_dirent(checkedlen+1);
440 if (!fd) 454 if (!fd)
441 return -ENOMEM; 455 return -ENOMEM;
442 456
443 memcpy(&fd->name, spd->name, spd->nsize); 457 memcpy(&fd->name, spd->name, checkedlen);
444 fd->name[spd->nsize] = 0; 458 fd->name[checkedlen] = 0;
445 459
446 ic = jffs2_scan_make_ino_cache(c, je32_to_cpu(spd->pino)); 460 ic = jffs2_scan_make_ino_cache(c, je32_to_cpu(spd->pino));
447 if (!ic) { 461 if (!ic) {
@@ -455,7 +469,7 @@ static int jffs2_sum_process_sum_data(struct jffs2_sb_info *c, struct jffs2_eras
455 fd->next = NULL; 469 fd->next = NULL;
456 fd->version = je32_to_cpu(spd->version); 470 fd->version = je32_to_cpu(spd->version);
457 fd->ino = je32_to_cpu(spd->ino); 471 fd->ino = je32_to_cpu(spd->ino);
458 fd->nhash = full_name_hash(fd->name, spd->nsize); 472 fd->nhash = full_name_hash(fd->name, checkedlen);
459 fd->type = spd->type; 473 fd->type = spd->type;
460 474
461 jffs2_add_fd_to_list(c, fd, &ic->scan_dents); 475 jffs2_add_fd_to_list(c, fd, &ic->scan_dents);
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-16 00:35:16 -0500