summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan Carpenter <dan.carpenter@oracle.com>2017-01-18 12:13:20 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2017-02-19 04:11:15 +0100
commiteec11535ca3d3e2daa2c8f59fa8ce1963db98abd (patch)
tree13d332c6bab80e1974fb8b4fa5673480b2d2c596
parentselftest for default_file_splice_read() infoleak (diff)
downloadlinux-eec11535ca3d3e2daa2c8f59fa8ce1963db98abd.tar.xz
linux-eec11535ca3d3e2daa2c8f59fa8ce1963db98abd.zip
hfs: fix hfs_readdir()
I was looking through static analysis warnings and there is a bug here that goes all the way back to the start of git. Basically we're copying the pointer and nearby garbage instead of the data the fd.key pointer is pointing to. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Reviewed-by: Vyacheslav Dubeyko <slava@dubeyko.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/hfs/dir.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c
index 5de5c48b418d..75b254280ff6 100644
--- a/fs/hfs/dir.c
+++ b/fs/hfs/dir.c
@@ -169,7 +169,7 @@ static int hfs_readdir(struct file *file, struct dir_context *ctx)
* Can be done after the list insertion; exclusion with
* hfs_delete_cat() is provided by directory lock.
*/
- memcpy(&rd->key, &fd.key, sizeof(struct hfs_cat_key));
+ memcpy(&rd->key, &fd.key->cat, sizeof(struct hfs_cat_key));
out:
hfs_find_exit(&fd);
return err;