Hi Marek, On 23/07/2018 11:42, Marek Vasut wrote: > The variable 'n' represents the number of bytes to be read from a certain > offset in a file, to a certain offset in buffer 'buf'. The variable 'len' > represents the length of the entire file, clamped correctly to avoid any > overflows. > > Therefore, comparing 'n' and 'len' to determine whether clearing 'n' > bytes of the buffer 'buf' at a certain offset would clear data past > buffer 'buf' cannot lead to a correct result, since the 'n' does not > contain the offset from the beginning of the file. > > This patch keeps track of the amount of data read and checks for the > buffer overflow by comparing the 'n' to the remaining amount of data > to be read instead. > > Signed-off-by: Marek Vasut <[email protected]> > Cc: Ian Ray <[email protected]> > Cc: Martyn Welch <[email protected]> > Cc: Stefano Babic <[email protected]> > Cc: Tom Rini <[email protected]> > Fixes: ecdfb4195b20 ("ext4: recover from filesystem corruption when reading") > --- > fs/ext4/ext4fs.c | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c > index 2a28031d14..537aa05eff 100644 > --- a/fs/ext4/ext4fs.c > +++ b/fs/ext4/ext4fs.c > @@ -60,6 +60,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, > lbaint_t delayed_extent = 0; > lbaint_t delayed_skipfirst = 0; > lbaint_t delayed_next = 0; > + lbaint_t read_total = 0; > char *delayed_buf = NULL; > short status; > > @@ -140,13 +141,14 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t > pos, > return -1; > previous_block_number = -1; > } > - /* Zero no more than `len' bytes. */ > + /* Zero no more than 'filesize' bytes. */ > n = blocksize - skipfirst; > - if (n > len) > - n = len; > + if (n > (len - read_total)) > + n = (len - read_total); > memset(buf, 0, n); > } > buf += blocksize - skipfirst; > + read_total += blocksize - skipfirst; > } > if (previous_block_number != -1) { > /* spill */ >
Acked-by: Stefano Babic <[email protected]> Tested-by: Stefano Babic <[email protected]> Best regards, Stefano Babic -- ===================================================================== DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: [email protected] ===================================================================== _______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
