From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Currently extent and index i are both being incremented causing
an array out of bounds read on extent[i]. Fix this by removing
the extraneous increment of extent.
Detected by CoverityScan, CID#711541 ("Out of bounds read")
Fixes: d1081202f1d0 ("HFS rewrite")
Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
---
fs/hfs/extent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/hfs/extent.c b/fs/hfs/extent.c
index 5d0182654580..636cdfcecb26 100644
--- a/fs/hfs/extent.c
+++ b/fs/hfs/extent.c
@@ -300,7 +300,7 @@ int hfs_free_fork(struct super_block *sb, struct hfs_cat_file *file, int type)
return 0;
blocks = 0;
- for (i = 0; i < 3; extent++, i++)
+ for (i = 0; i < 3; i++)
blocks += be16_to_cpu(extent[i].count);
res = hfs_free_extents(sb, extent, blocks, blocks);
--
2.17.1
