I think *buflen should not be updated when prepend() fails. Also, comparison should be (signed int) < (signed int) rather than (signed int) < 0, in case *buflen becomes positive after subtracting namelen. Calling again after failure (or calling once with a negative namelen value) can make *buflen positive and trigger a buffer overrun.

Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
---
fs/dcache.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

--- linux-2.6.27-rc1.orig/fs/dcache.c +++ linux-2.6.27-rc1/fs/dcache.c @@ -1775,9 +1775,9 @@ shouldnt_be_hashed: static int prepend(char **buffer, int *buflen, const char *str, int namelen) { - *buflen -= namelen; - if (*buflen < 0) + if (*buflen < namelen) return -ENAMETOOLONG; + *buflen -= namelen; *buffer -= namelen; memcpy(*buffer, str, namelen); return 0;
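Review bot: the new check `if (*buflen < namelen)` in the prepend() hunk still does not cover the negative-namelen case that the commit message itself names as a trigger: with namelen < 0 the comparison is false, `*buflen -= namelen` grows the remaining length, `*buffer -= namelen` moves the pointer forward past the data already written, and `memcpy(*buffer, str, namelen)` receives the negative value converted to a huge size_t. If callers are allowed to reach this function with a negative length, reject it explicitly, e.g. `if (namelen < 0 || *buflen < namelen) return -ENAMETOOLONG;`, or make the parameter unsigned at the interface so the single comparison is sufficient; the commit message should then state which of the two cases (repeated call after failure, negative length) this patch is intended to close, since the moved decrement fixes only the former.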