vsprintf will consume varargs on its own. Skipping them manually
results in garbage in the error buffer, or Oopses in the case of
pointers.
This patch removes the advancement and fixes a number of bugs where
crashes were observed as side effects of a regular error report.
Signed-off-by: Jeff Mahoney <jeffm@xxxxxxxx>
---
fs/reiserfs/prints.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
--- a/fs/reiserfs/prints.c
+++ b/fs/reiserfs/prints.c
@@ -157,19 +157,16 @@ static void sprintf_disk_child(char *buf
dc_size(dc));
}
-static char *is_there_reiserfs_struct(char *fmt, int *what, int *skip)
+static char *is_there_reiserfs_struct(char *fmt, int *what)
{
char *k = fmt;
- *skip = 0;
-
while ((k = strchr(k, '%')) != NULL) {
if (k[1] == 'k' || k[1] == 'K' || k[1] == 'h' || k[1] == 't' ||
k[1] == 'z' || k[1] == 'b' || k[1] == 'y' || k[1] == 'a') {
*what = k[1];
break;
}
- (*skip)++;
k++;
}
return k;
@@ -193,18 +190,15 @@ static void prepare_error_buf(const char
char *fmt1 = fmt_buf;
char *k;
char *p = error_buf;
- int i, j, what, skip;
+ int what;
strcpy(fmt1, fmt);
- while ((k = is_there_reiserfs_struct(fmt1, &what, &skip)) != NULL) {
+ while ((k = is_there_reiserfs_struct(fmt1, &what)) != NULL) {
*k = 0;
p += vsprintf(p, fmt1, args);
- for (i = 0; i < skip; i++)
- j = va_arg(args, int);
-
switch (what) {
case 'k':
sprintf_le_key(p, va_arg(args, struct reiserfs_key *));
--
To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
