diff options
author | Dan Carpenter <dan.carpenter@oracle.com> | 2017-01-18 12:13:20 +0100 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2017-02-19 04:11:15 +0100 |
commit | eec11535ca3d3e2daa2c8f59fa8ce1963db98abd (patch) | |
tree | 13d332c6bab80e1974fb8b4fa5673480b2d2c596 | |
parent | selftest for default_file_splice_read() infoleak (diff) | |
download | linux-eec11535ca3d3e2daa2c8f59fa8ce1963db98abd.tar.xz linux-eec11535ca3d3e2daa2c8f59fa8ce1963db98abd.zip |
hfs: fix hfs_readdir()
I was looking through static analysis warnings and there is a bug here
that goes all the way back to the start of git. Basically we're copying
the pointer and nearby garbage instead of the data the fd.key pointer is
pointing to.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Vyacheslav Dubeyko <slava@dubeyko.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | fs/hfs/dir.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c index 5de5c48b418d..75b254280ff6 100644 --- a/fs/hfs/dir.c +++ b/fs/hfs/dir.c @@ -169,7 +169,7 @@ static int hfs_readdir(struct file *file, struct dir_context *ctx) * Can be done after the list insertion; exclusion with * hfs_delete_cat() is provided by directory lock. */ - memcpy(&rd->key, &fd.key, sizeof(struct hfs_cat_key)); + memcpy(&rd->key, &fd.key->cat, sizeof(struct hfs_cat_key)); out: hfs_find_exit(&fd); return err; |