On Mon, Nov 29, 2010 at 05:55:09PM +0900, Namhyung Kim wrote:
> If ext2fs_get_mem() on rec.block_buf fails we should not call
> ext2fs_free_mem() on it.
>
> Signed-off-by: Namhyung Kim <namhyung@xxxxxxxxx>
Thanks for pointing this out. I fixed this in a slightly simpler way.
- Ted
commit 2150278fa25f3fe8b8f29835ccd3079b608bb825
Author: Theodore Ts'o <tytso@xxxxxxx>
Date: Mon Dec 20 10:57:29 2010 -0500
libext2fs: fix potential free() of garbage in ext2fs_update_bb_inode()
There was a potential of freeing an uninitialized pointer in
rec.block_buf, which was pointed out by Namhyung Kim <namhyung@xxxxxxxxx>
Signed-off-by: "Theodore Ts'o" <tytso@xxxxxxx>
diff --git a/lib/ext2fs/bb_inode.c b/lib/ext2fs/bb_inode.c
index 0b79b16..0b6c3dd 100644
--- a/lib/ext2fs/bb_inode.c
+++ b/lib/ext2fs/bb_inode.c
@@ -65,8 +65,7 @@ errcode_t ext2fs_update_bb_inode(ext2_filsys fs, ext2_badblocks_list bb_list)
if (!fs->block_map)
return EXT2_ET_NO_BLOCK_BITMAP;
- rec.bad_block_count = 0;
- rec.ind_blocks_size = rec.ind_blocks_ptr = 0;
+ memset(&rec, 0, sizeof(rec));
rec.max_ind_blocks = 10;
retval = ext2fs_get_array(rec.max_ind_blocks, sizeof(blk_t),
&rec.ind_blocks);
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
