On Fri, 15 Jun 2018 21:49:37 +0100 Tigran Aivazian <aivazian.tigran@xxxxxxxxx> wrote:
> Here is an updated version of the patch that includes the fix from Tomas
> Bortoli which I received today. Sorry, it couldn't be sent separately as it
> conflicts with my earlier patch.
>
> Signed-off-by: Tigran Aivazian <aivazian.tigran@xxxxxxxxx>
> Reported-by: syzbot <syzbot+71c6b5d68e91149fc8a4@xxxxxxxxxxxxxxxxxxxxxxxxx>
> Cc: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>, Tomas Bortoli <
> tomasbortoli@xxxxxxxxx>
Sorry, that it's a changelog. Please include a detailed description of
the problem, of its end-user impact and of how it was fixed.
> --- fs/bfs/inode.c.0 2018-06-15 11:41:58.096196504 +0100
> +++ fs/bfs/inode.c 2018-06-15 21:43:32.446336657 +0100
> - info->si_lasti = (le32_to_cpu(bfs_sb->s_start) - BFS_BSIZE) /
> - sizeof(struct bfs_inode)
> + info->si_lasti = (le32_to_cpu(bfs_sb->s_start) - BFS_BSIZE) /
> sizeof(struct bfs_inode)
> + BFS_ROOT_INO - 1;
> - imap_len = (info->si_lasti / 8) + 1;
> + if (info->si_lasti > 513) { /* Hardcoded: BFS can have up to 512
> maximum number of inodes */
> + printf("Impossible number of inodes %lu\n", info->si_lasti);
> + goto out1;
> + }
> + imap_len = round_up((info->si_lasti) / 8, sizeof(unsigned long)) +
> sizeof(unsigned long);
> info->si_imap = kzalloc(imap_len, GFP_KERNEL);
> if (!info->si_imap)
> goto out1;
Your emails are getting word-wrapped.
