Re: [PATCHES] Bind mount escape fixes (CVE-2015-2925)

Hi Ben,

On Thu, Oct 08, 2015 at 02:08:28AM +0100, Ben Hutchings wrote:
> For 2.6.32, the first backport looks wrong:
> 
> > --- a/fs/dcache.c
> > +++ b/fs/dcache.c
> > @@ -1910,7 +1910,7 @@ char *__d_path(const struct path *path, struct path *root,
> >         struct dentry *dentry = path->dentry;
> >         struct vfsmount *vfsmnt = path->mnt;
> >         char *end = buffer + buflen;
> > -       char *retval;
> > +       char *retval, *tail;
> >  
> >         spin_lock(&vfsmount_lock);
> >         prepend(&end, &buflen, "\0", 1);
> > @@ -1923,6 +1923,7 @@ char *__d_path(const struct path *path, struct path *root,
> >         /* Get '/' right */
> >         retval = end-1;
> >         *retval = '/';
> > +       tail = end;
> 
> So tail points to the null terminator.
> 
> >         for (;;) {
> >                 struct dentry * parent;
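Review bot: `tail = end;` saves the address of the byte that `prepend(&end, &buflen, "\0", 1)` has just written, not the '/' stored at `end-1` on the line above it, so any later store through `tail` lands on the terminator. With `end` starting at `buffer + buflen`, that byte is the last one in the buffer, so nothing after it is guaranteed to terminate the string. If the saved pointer is meant to be the start of a bare "/" result, save `end - 1` (the same value as `retval` at this point) instead.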
> > @@ -1930,6 +1931,12 @@ char *__d_path(const struct path *path, struct path *root,
> >                 if (dentry == root->dentry && vfsmnt == root->mnt)
> >                         break;
> >                 if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
> > +                       /* Escaped? */
> > +                       if (dentry != vfsmnt->mnt_root) {
> > +                               retval = tail;
> > +                               *retval = '/';
> 
> Now we overwrite the null terminator.

Good catch!

> > +                               goto out;
> > +                       }
> >                         /* Global root? */
> >                         if (vfsmnt->mnt_parent == vfsmnt) {
> >                                 goto global_root;
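Review bot: the `dentry != vfsmnt->mnt_root` branch throws away every component prepended so far and leaves through `goto out` with nothing in the buffer that tells the caller the walk left the mount tree, so the intended result reads like an ordinary root path. Prepend a marker ahead of the '/' (or return an error) before the `goto out`, and expand the `/* Escaped? */` comment to state the condition it covers: `IS_ROOT(dentry)` is true for a dentry that is not `vfsmnt->mnt_root`.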
> 
> Also, nothing inserts the "(unreachable)" string.  I've attached my
> version, which deals with both of these.

Thanks, I've queued this one instead!

Willy
