On Tue, Dec 19, 2017 at 12:34:59PM -0800, Darrick J. Wong wrote:
> On Tue, Dec 19, 2017 at 04:16:19PM +1100, Dave Chinner wrote:
> > On Wed, Dec 13, 2017 at 03:58:49PM -0800, Darrick J. Wong wrote:
> > > + if (mode && dip->di_forkoff > mp->m_sb.sb_inodesize)
> > > + return __this_address;
> >
> > Hold on, this check is completely bogus. di_forkoff is in units of 8 bytes,
> > while inode size is in bytes. Also, di_forkoff is a u8, so it can't
> > /ever/ be larger than the inode size which are >= 256 bytes. Yeah,
> > thought so:
> >
> > #define XFS_DFORK_BOFF(dip) ((int)((dip)->di_forkoff << 3))
> >
> > This check needs to be:
> >
> > if (mode && XFS_DFORK_BOFF(dip) > mp->m_sb.sb_inodesize)
> > return __this_address;
> >
> > Otherwise looks good.
>
> Oops, thank you for catching that!

Wasn't your bug - the existing code has had this check for a long time
and nobody has noticed it was bogus until now :/

Cheers,

Dave.
--
Dave Chinner
david@xxxxxxxxxxxxx
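
Review bot: In the first line of the quoted hunk, `dip->di_forkoff > mp->m_sb.sb_inodesize` compares a u8 counted in 8-byte units against a size in bytes, so with inode sizes of at least 256 bytes the branch can never be taken and an out-of-range fork offset is not rejected here. Convert to bytes before comparing, as in `XFS_DFORK_BOFF(dip) > mp->m_sb.sb_inodesize`. The converted value tops out at 255 << 3 = 2040 bytes, so a short comment stating the units next to the check would make its reach clear to the next reader.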
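
The unit mismatch discussed in this thread, as an added example that is not code from the thread or from the kernel: it runs both forms of the comparison over every possible `di_forkoff` value and counts how many each one rejects. `struct dinode_sketch`, `DFORK_BOFF`, `reject_raw`, `reject_bytes`, `count_rejected` and the sample inode sizes are hypothetical names and constructed values; `mode` is assumed non-zero.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the one on-disk field the check reads. */
struct dinode_sketch {
	uint8_t di_forkoff;	/* attr fork offset, in units of 8 bytes */
};

/* Same conversion as the XFS_DFORK_BOFF macro quoted in the thread. */
#define DFORK_BOFF(dip)	((int)((dip)->di_forkoff << 3))

/* Check as posted: 8-byte units compared against a byte count. */
static int reject_raw(const struct dinode_sketch *dip, unsigned int inodesize)
{
	return dip->di_forkoff > inodesize;
}

/* Check as corrected in the reply: both sides in bytes. */
static int reject_bytes(const struct dinode_sketch *dip, unsigned int inodesize)
{
	return DFORK_BOFF(dip) > (int)inodesize;
}

typedef int (*check_fn)(const struct dinode_sketch *, unsigned int);

/* Count how many of the 256 possible di_forkoff values a check rejects. */
static int count_rejected(check_fn check, unsigned int inodesize)
{
	int rejected = 0;
	for (unsigned int v = 0; v <= UINT8_MAX; v++) {
		struct dinode_sketch d = { .di_forkoff = (uint8_t)v };
		rejected += check(&d, inodesize) ? 1 : 0;
	}
	return rejected;
}

int main(void)
{
	/* Constructed sample inode sizes in bytes. */
	const unsigned int sizes[] = { 256, 512, 1024, 2048 };
	for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++)
		printf("inodesize %4u: raw rejects %3d, byte-scaled rejects %3d\n",
		       sizes[i], count_rejected(reject_raw, sizes[i]),
		       count_rejected(reject_bytes, sizes[i]));
	return 0;
}
```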