diff options
| author | Filipe Manana <[email protected]> | 2025-06-23 11:11:58 +0000 |
|---|---|---|
| committer | David Sterba <[email protected]> | 2025-06-27 17:56:55 +0000 |
| commit | 54a7081ed168b72a8a2d6ef4ba3a1259705a2926 (patch) | |
| tree | 588319e8fe4578d2eba7c3d7bc6b0324c076b49f /fs/btrfs/tree-log.c | |
| parent | btrfs: fix missing error handling when searching for inode refs during log re... (diff) | |
| download | kernel-54a7081ed168b72a8a2d6ef4ba3a1259705a2926.tar.gz kernel-54a7081ed168b72a8a2d6ef4ba3a1259705a2926.zip | |
btrfs: fix iteration of extrefs during log replay
At __inode_add_ref() when processing extrefs, if we jump into the next
label we have an undefined value of victim_name.len, since we haven't
initialized it before we did the goto. This results in an invalid memory
access in the next iteration of the loop since victim_name.len was not
initialized to the length of the name of the current extref.
Fix this by initializing victim_name.len with the current extref's name
length.
Fixes: e43eec81c516 ("btrfs: use struct qstr instead of name and namelen pairs")
Reviewed-by: Johannes Thumshirn <[email protected]>
Reviewed-by: Qu Wenruo <[email protected]>
Signed-off-by: Filipe Manana <[email protected]>
Signed-off-by: David Sterba <[email protected]>
Diffstat (limited to 'fs/btrfs/tree-log.c')
| -rw-r--r-- | fs/btrfs/tree-log.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c index 8b66173d9023..d514bf531b3b 100644 --- a/fs/btrfs/tree-log.c +++ b/fs/btrfs/tree-log.c @@ -1148,13 +1148,13 @@ again: struct fscrypt_str victim_name; extref = (struct btrfs_inode_extref *)(base + cur_offset); + victim_name.len = btrfs_inode_extref_name_len(leaf, extref); if (btrfs_inode_extref_parent(leaf, extref) != parent_objectid) goto next; ret = read_alloc_one_name(leaf, &extref->name, - btrfs_inode_extref_name_len(leaf, extref), - &victim_name); + victim_name.len, &victim_name); if (ret) return ret; |