[Ocfs2-devel] [PATCH] ocfs2: Fix memory overflow in cow_by_page.
Sunil Mushran
sunil.mushran at oracle.com
Thu Jan 21 18:54:36 PST 2010
ack
Tao Ma wrote:
> In ocfs2_duplicate_clusters_by_page, we calculate map_end
> by shifting page_index. But actually in case we meet with
> a large offset(say in a i686 box, poff_t is only 32 bits
> and page_index=2056240), we will overflow. So change it
> by adding PAGE_CACHE_SIZE to offset.
>
> Signed-off-by: Tao Ma <tao.ma at oracle.com>
> ---
> fs/ocfs2/refcounttree.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c
> index 74db2be..6db863d 100644
> --- a/fs/ocfs2/refcounttree.c
> +++ b/fs/ocfs2/refcounttree.c
> @@ -2945,7 +2945,7 @@ static int ocfs2_duplicate_clusters_by_page(handle_t *handle,
>
> while (offset < end) {
> page_index = offset >> PAGE_CACHE_SHIFT;
> - map_end = (page_index + 1) << PAGE_CACHE_SHIFT;
> + map_end = offset + PAGE_CACHE_SIZE;
> if (map_end > end)
> map_end = end;
>
>
More information about the Ocfs2-devel
mailing list