
[PATCH] xfsprogs: Fix possible unallocated memory access in fiemap

To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfsprogs: Fix possible unallocated memory access in fiemap
From: Lukas Czerner <lczerner@xxxxxxxxxx>
Date: Wed, 12 Dec 2012 14:30:59 +0100
Cc: hch@xxxxxxxxxxxxx, Lukas Czerner <lczerner@xxxxxxxxxx>
Currently we could access unallocated memory in fiemap because we're
using the uninitialized variable 'fiemap' in fiemap_f(). In fact this has
been spotted on an s390x machine, where xfs_io would segfault.

The problem happens in the for cycle which seems to be intended to
compute the header item spacing. However at that point the fiemap
structure has just been allocated and does not contain any extents
yet, so it is entirely useless and it never actually worked.

This patch removes this dead code mentioned above which also fixes
the possible unallocated memory access.

Signed-off-by: Lukas Czerner <lczerner@xxxxxxxxxx>
---
 io/fiemap.c |   40 +---------------------------------------
 1 files changed, 1 insertions(+), 39 deletions(-)

diff --git a/io/fiemap.c b/io/fiemap.c
index e32a416..e15bc61 100644
--- a/io/fiemap.c
+++ b/io/fiemap.c
@@ -49,19 +49,6 @@ fiemap_help(void)
 "\n"));
 }
 
-static int
-numlen(
-       __u64   val,
-       int     base)
-{
-       __u64   tmp;
-       int     len;
-
-       for (len = 0, tmp = val; tmp > 0; tmp = tmp/base)
-               len++;
-       return (len == 0 ? 1 : len);
-}
-
 static void
 print_verbose(
        struct fiemap_extent    *extent,
@@ -215,37 +202,12 @@ fiemap_f(
 
        printf("%s:\n", file->name);
 
-       if (vflag) {
-               for (i = 0; i < fiemap->fm_mapped_extents; i++) {
-                       char                    lbuf[32];
-                       char                    bbuf[32];
-                       __u64                   logical;
-                       __u64                   block;
-                       __u64                   len;
-                       struct fiemap_extent    *extent;
-
-                       extent = &fiemap->fm_extents[i];
-                       logical = extent->fe_logical / blocksize;
-                       len = extent->fe_length / blocksize;
-                       block = extent->fe_physical / blocksize;
-
-                       snprintf(lbuf, sizeof(lbuf), "[%llu..%llu]", logical,
-                                logical + len - 1);
-                       snprintf(bbuf, sizeof(bbuf), "%llu..%llu", block,
-                                block + len - 1);
-                       foff_w = max(foff_w, strlen(lbuf));
-                       boff_w = max(boff_w, strlen(bbuf));
-                       tot_w = max(tot_w, numlen(len, 10));
-                       flg_w = max(flg_w, numlen(extent->fe_flags, 16));
-                       if (extent->fe_flags & FIEMAP_EXTENT_LAST)
-                               break;
-               }
+       if (vflag)
                printf("%4s: %-*s %-*s %*s %*s\n", _("EXT"),
                       foff_w, _("FILE-OFFSET"),
                       boff_w, _("BLOCK-RANGE"),
                       tot_w, _("TOTAL"),
                       flg_w, _("FLAGS"));
-       }
 
        while (!last && ((cur_extent + 1) != max_extents)) {
                if (max_extents)
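Review bot: With the measuring loop removed, `foff_w`, `boff_w`, `tot_w` and `flg_w` reach the header printf holding only their initial values, which are set outside this hunk, so the verbose columns are now fixed-width and nothing here says so. A comment above the `if (vflag)` such as `/* column widths are fixed: no extents have been mapped yet at this point */` would record why nothing is measured and stop someone from re-adding a pre-ioctl walk over `fiemap->fm_extents`. The removed loop used `fiemap->fm_mapped_extents` as its bound before anything had filled the buffer; the allocation is not visible here, but if it is a plain malloc, zeroing it at that point (calloc or memset) would keep any future early read of the count defined rather than an out-of-bounds walk. fiemap_f's body starts and ends outside the hunk.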
-- 
1.7.7.6
