Currently we could access unallocated memory in fiemap because we're
using uninitialized variable 'fiemap' in fiemap_f(). In fact this has
been spotted on x390s machine where xfs_io would segfault.
The problem happens in the for cycle which seems to be intended to
compute the header item spacing. However at that point the fiemap
structure has just been allocated and does not contain any extents
yet, so it is entirely useless and it never actually worked.
This patch removes this dead code mentioned above which also fixes
the possible unallocated memory access.
Signed-off-by: Lukas Czerner <lczerner@xxxxxxxxxx>
---
io/fiemap.c | 40 +---------------------------------------
1 files changed, 1 insertions(+), 39 deletions(-)
diff --git a/io/fiemap.c b/io/fiemap.c
index e32a416..e15bc61 100644
--- a/io/fiemap.c
+++ b/io/fiemap.c
@@ -49,19 +49,6 @@ fiemap_help(void)
"\n"));
}
-static int
-numlen(
- __u64 val,
- int base)
-{
- __u64 tmp;
- int len;
-
- for (len = 0, tmp = val; tmp > 0; tmp = tmp/base)
- len++;
- return (len == 0 ? 1 : len);
-}
-
static void
print_verbose(
struct fiemap_extent *extent,
@@ -215,37 +202,12 @@ fiemap_f(
printf("%s:\n", file->name);
- if (vflag) {
- for (i = 0; i < fiemap->fm_mapped_extents; i++) {
- char lbuf[32];
- char bbuf[32];
- __u64 logical;
- __u64 block;
- __u64 len;
- struct fiemap_extent *extent;
-
- extent = &fiemap->fm_extents[i];
- logical = extent->fe_logical / blocksize;
- len = extent->fe_length / blocksize;
- block = extent->fe_physical / blocksize;
-
- snprintf(lbuf, sizeof(lbuf), "[%llu..%llu]", logical,
- logical + len - 1);
- snprintf(bbuf, sizeof(bbuf), "%llu..%llu", block,
- block + len - 1);
- foff_w = max(foff_w, strlen(lbuf));
- boff_w = max(boff_w, strlen(bbuf));
- tot_w = max(tot_w, numlen(len, 10));
- flg_w = max(flg_w, numlen(extent->fe_flags, 16));
- if (extent->fe_flags & FIEMAP_EXTENT_LAST)
- break;
- }
+ if (vflag)
printf("%4s: %-*s %-*s %*s %*s\n", _("EXT"),
foff_w, _("FILE-OFFSET"),
boff_w, _("BLOCK-RANGE"),
tot_w, _("TOTAL"),
flg_w, _("FLAGS"));
- }
while (!last && ((cur_extent + 1) != max_extents)) {
if (max_extents)
--
1.7.7.6
_______________________________________________
xfs mailing list
xfs@xxxxxxxxxxx
http://oss.sgi.com/mailman/listinfo/xfs
