Re: [PATCH] fs: Fix memcpy_sz for remaining count/rwsize

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Oct 08, 2015 at 11:19:45PM +0200, Sebastian Hesselbarth wrote:
> When using memcpy_sz with rwsize != 1 integer division of
> count/rwsize may leave some bytes of the request uncopied if
> count is not a multiple of rwsize.
> 
> Fix this behavior by decrementing count by rwsize instead of
> integer division and use plain memcpy for the remaining bytes.
> 
> Signed-off-by: Sebastian Hesselbarth <sebastian.hesselbarth@xxxxxxxxx>
> ---
> Cc: barebox@xxxxxxxxxxxxxxxxxxx
> ---
>  fs/fs.c | 9 ++++++---
>  1 file changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/fs.c b/fs/fs.c
> index c041e41bb51b..ccbda22d2692 100644
> --- a/fs/fs.c
> +++ b/fs/fs.c
> @@ -1580,9 +1580,7 @@ static void memcpy_sz(void *dst, const void *src, size_t count, int rwsize)
>  
>  	rwsize = rwsize >> O_RWSIZE_SHIFT;
>  
> -	count /= rwsize;
> -
> -	while (count-- > 0) {
> +	while (count > 0) {
>  		switch (rwsize) {
>  		case 1:
>  			*((u8 *)dst) = *((u8 *)src);
> @@ -1599,7 +1597,12 @@ static void memcpy_sz(void *dst, const void *src, size_t count, int rwsize)
>  		}
>  		dst += rwsize;
>  		src += rwsize;
> +		count -= rwsize;
>  	}

This doesn't look correct. When count > 0 you are inside the loop, so

> +
> +	/* copy remaining bytes with plain memcpy */
> +	if (count)
> +		memcpy(dst, src, count);

here count <= 0 which is no meaningful argument for the copy size.

Should the loop start with while (count >= rwsize) instead?

I wonder if the behaviour shouldn't rather be:
- let memcpy_sz return the number of bytes copied and not copy the
  remaining partial word.
- return error from memcpy_sz when input count < rwsize

This would allow us to catch wrongly aligned sizes.

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux