Loading fs/ntfs/ChangeLog +1 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ ToDo/Notes: compiled without debug. This avoids a possible denial of service attack. Thanks to Carl-Daniel Hailfinger from SuSE for pointing this out. - Use i_size_read() in fs/ntfs/attrib.c::ntfs_attr_set(). 2.1.22 - Many bug and race fixes and error handling improvements. Loading fs/ntfs/Makefile +1 −1 Original line number Diff line number Diff line Loading @@ -6,7 +6,7 @@ ntfs-objs := aops.o attrib.o collate.o compress.o debug.o dir.o file.o \ index.o inode.o mft.o mst.o namei.o runlist.o super.o sysctl.o \ unistr.o upcase.o EXTRA_CFLAGS = -DNTFS_VERSION=\"2.1.22\" EXTRA_CFLAGS = -DNTFS_VERSION=\"2.1.23-WIP\" ifeq ($(CONFIG_NTFS_DEBUG),y) EXTRA_CFLAGS += -DDEBUG Loading fs/ntfs/attrib.c +5 −1 Original line number Diff line number Diff line Loading @@ -1127,6 +1127,10 @@ int ntfs_attr_record_resize(MFT_RECORD *m, ATTR_RECORD *a, u32 new_size) * byte offset @ofs inside the attribute with the constant byte @val. * * This function is effectively like memset() applied to an ntfs attribute. * Note thie function actually only operates on the page cache pages belonging * to the ntfs attribute and it marks them dirty after doing the memset(). * Thus it relies on the vm dirty page write code paths to cause the modified * pages to be written to the mft record/disk. * * Return 0 on success and -errno on error. An error code of -ESPIPE means * that @ofs + @cnt were outside the end of the attribute and no write was Loading Loading @@ -1155,7 +1159,7 @@ int ntfs_attr_set(ntfs_inode *ni, const s64 ofs, const s64 cnt, const u8 val) end = ofs + cnt; end_ofs = end & ~PAGE_CACHE_MASK; /* If the end is outside the inode size return -ESPIPE. */ if (unlikely(end > VFS_I(ni)->i_size)) { if (unlikely(end > i_size_read(VFS_I(ni)))) { ntfs_error(vol->sb, "Request exceeds end of attribute."); return -ESPIPE; } Loading Loading
fs/ntfs/ChangeLog +1 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,7 @@ ToDo/Notes: compiled without debug. This avoids a possible denial of service attack. Thanks to Carl-Daniel Hailfinger from SuSE for pointing this out. - Use i_size_read() in fs/ntfs/attrib.c::ntfs_attr_set(). 2.1.22 - Many bug and race fixes and error handling improvements. Loading
fs/ntfs/Makefile +1 −1 Original line number Diff line number Diff line Loading @@ -6,7 +6,7 @@ ntfs-objs := aops.o attrib.o collate.o compress.o debug.o dir.o file.o \ index.o inode.o mft.o mst.o namei.o runlist.o super.o sysctl.o \ unistr.o upcase.o EXTRA_CFLAGS = -DNTFS_VERSION=\"2.1.22\" EXTRA_CFLAGS = -DNTFS_VERSION=\"2.1.23-WIP\" ifeq ($(CONFIG_NTFS_DEBUG),y) EXTRA_CFLAGS += -DDEBUG Loading
fs/ntfs/attrib.c +5 −1 Original line number Diff line number Diff line Loading @@ -1127,6 +1127,10 @@ int ntfs_attr_record_resize(MFT_RECORD *m, ATTR_RECORD *a, u32 new_size) * byte offset @ofs inside the attribute with the constant byte @val. * * This function is effectively like memset() applied to an ntfs attribute. * Note thie function actually only operates on the page cache pages belonging * to the ntfs attribute and it marks them dirty after doing the memset(). * Thus it relies on the vm dirty page write code paths to cause the modified * pages to be written to the mft record/disk. * * Return 0 on success and -errno on error. An error code of -ESPIPE means * that @ofs + @cnt were outside the end of the attribute and no write was Loading Loading @@ -1155,7 +1159,7 @@ int ntfs_attr_set(ntfs_inode *ni, const s64 ofs, const s64 cnt, const u8 val) end = ofs + cnt; end_ofs = end & ~PAGE_CACHE_MASK; /* If the end is outside the inode size return -ESPIPE. */ if (unlikely(end > VFS_I(ni)->i_size)) { if (unlikely(end > i_size_read(VFS_I(ni)))) { ntfs_error(vol->sb, "Request exceeds end of attribute."); return -ESPIPE; } Loading
Anton Altaparmakov <aia21@cantab.net>Anton Altaparmakov <aia21@cantab.net>