summaryrefslogtreecommitdiffstats
path: root/fs/befs
diff options
context:
space:
mode:
authorFabian Frederick <fabf@skynet.be>2014-08-08 14:20:31 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2014-08-08 15:57:20 -0700
commit8e19189ef8d1fce44f3acdf0fe9846cff9b37c78 (patch)
tree0c4af0f63e37fa6353cf71002a4e500d5c5a0365 /fs/befs
parent6d6747f85314687f72012ae85cde401db531e130 (diff)
downloadlinux-8e19189ef8d1fce44f3acdf0fe9846cff9b37c78.tar.gz
linux-8e19189ef8d1fce44f3acdf0fe9846cff9b37c78.tar.bz2
linux-8e19189ef8d1fce44f3acdf0fe9846cff9b37c78.zip
fs/befs/linuxvfs.c: check superblock before dump operation
befs_dump_super_block was called between befs_load_sb and befs_check_sb. It has been reported to crash (5/900) with null block testing. This patch loads, checks and only dump superblock if it's a valid one then brelse bh. (befs_dump_super_block uses disk_sb (bh->b_data) so it seems we need to call it before brelse(bh) but I don't know why befs_check_sb was called after brelse. Another thing I don't understand is why this problem appears now). Signed-off-by: Fabian Frederick <fabf@skynet.be> Reported-by: Fengguang Wu <fengguang.wu@intel.com> Cc: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/befs')
-rw-r--r--fs/befs/linuxvfs.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c
index 0d6c07cc1149..4cf61ec6b7a8 100644
--- a/fs/befs/linuxvfs.c
+++ b/fs/befs/linuxvfs.c
@@ -832,16 +832,14 @@ befs_fill_super(struct super_block *sb, void *data, int silent)
(befs_super_block *) ((void *) bh->b_data + x86_sb_off);
}
- if (befs_load_sb(sb, disk_sb) != BEFS_OK)
+ if ((befs_load_sb(sb, disk_sb) != BEFS_OK) ||
+ (befs_check_sb(sb) != BEFS_OK))
goto unacquire_bh;
befs_dump_super_block(sb, disk_sb);
brelse(bh);
- if (befs_check_sb(sb) != BEFS_OK)
- goto unacquire_priv_sbp;
-
if( befs_sb->num_blocks > ~((sector_t)0) ) {
befs_error(sb, "blocks count: %llu "
"is larger than the host can use",