[patch] ext4: off by one check in ext4_groupinfo_create_slab()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

If cache_index == NR_GRPINFO_CACHES then we read past the end of the
ext4_groupinfo_caches[] array a couple lines later.

Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>

diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index 02cff4a..d1fe09a 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -2438,7 +2438,7 @@ static int ext4_groupinfo_create_slab(size_t size)
 	int cache_index = blocksize_bits - EXT4_MIN_BLOCK_LOG_SIZE;
 	struct kmem_cache *cachep;
 
-	if (cache_index > NR_GRPINFO_CACHES)
+	if (cache_index >= NR_GRPINFO_CACHES)
 		return -EINVAL;
 
 	if (unlikely(cache_index < 0))
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux