Ryusuke Konishi a885169f03 nilfs2: fix sanity check of btree level in nilfs_btree_root_broken() ... commit d8fd150fe3935e1692bf57c66691e17409ebb9c1 upstream. The range check for b-tree level parameter in nilfs_btree_root_broken() is wrong; it accepts the case of "level == NILFS_BTREE_LEVEL_MAX" even though the level is limited to values in the range of 0 to (NILFS_BTREE_LEVEL_MAX - 1). Since the level parameter is read from storage device and used to index nilfs_btree_path array whose element count is NILFS_BTREE_LEVEL_MAX, it can cause memory overrun during btree operations if the boundary value is set to the level parameter on device. This fixes the broken sanity check and adds a comment to clarify that the upper bound NILFS_BTREE_LEVEL_MAX is exclusive. Signed-off-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Zefan Li <lizefan@huawei.com>		2015-09-18 09:20:36 +08:00
..
alloc.c
alloc.h
bmap.c
bmap.h
btnode.c
btnode.h
btree.c	nilfs2: fix sanity check of btree level in nilfs_btree_root_broken()	2015-09-18 09:20:36 +08:00
btree.h
cpfile.c
cpfile.h
dat.c
dat.h
dir.c
direct.c
direct.h
export.h
file.c
gcinode.c
ifile.c
ifile.h
inode.c	nilfs2: fix data loss with mmap()	2014-12-01 18:02:38 +08:00
ioctl.c
Kconfig
Makefile
mdt.c
mdt.h
namei.c
nilfs.h	nilfs2: fix deadlock of segment constructor over I_SYNC flag	2015-04-14 17:34:00 +08:00
page.c	nilfs2: fix issue with race condition of competition between segments for dirty blocks	2014-03-11 16:10:04 -07:00
page.h
recovery.c
segbuf.c	nilfs2: fix issue with counting number of bio requests for BIO_EOPNOTSUPP error detection	2013-08-29 09:50:13 -07:00
segbuf.h
segment.c	nilfs2: fix deadlock of segment constructor during recovery	2015-04-14 17:34:04 +08:00
segment.h	nilfs2: fix deadlock of segment constructor over I_SYNC flag	2015-04-14 17:34:00 +08:00
sufile.c
sufile.h
super.c
the_nilfs.c
the_nilfs.h