On Thu, Jun 25, 2015 at 09:24:10AM -0700, Josef Bacik wrote:
> > +
> > + for (i = 0; i < nritems; i++) {
> > + void *tmp;
> > +
> > + tmp = btrfs_item_ptr(buf, i, void);
> > + if ((long)tmp >= BTRFS_LEAF_DATA_SIZE(root)) {
> > + ret = BTRFS_TREE_BLOCK_INVALID_OFFSETS;
> > + fprintf(stderr, "bad item pointer %lu\n",
> > + (long)tmp);
> > + goto fail;
> > + }
> > + }
>
> I'd just do
>
> if (btrfs_item_end_nr(buf, i) >= BTRFS_LEAF_DATA_SIZE(root))
>
> that way you catch problems with offset and size. Thanks,
Ah right, my check would not catch 'offset + size >= leaf data size'
if 'offset < leaf data size'. Patch welcome.
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
