diff options
| author |   Brian Norris <computersforpeace@gmail.com> | 2015-02-16 18:04:41 -0800 |
|---|---|---|
| committer | Brian Norris <computersforpeace@gmail.com> | 2015-02-16 18:05:26 -0800 |
| commit | eb928d40a93f73dd5bdad62c2d363df296ff94ea (patch) | |
| tree | 19432163d712fa99bb35bffc8a7562e53c8a1e18 | |
| parent | mtd: hisilicon: && vs & typo (diff) | |
| parent | jffs2: fix handling of corrupted summary length (diff) | |
| download | linux-dev-eb928d40a93f73dd5bdad62c2d363df296ff94ea.tar.xz linux-dev-eb928d40a93f73dd5bdad62c2d363df296ff94ea.zip | |
Merge JFFS2 updates from David Woodhouse
| -rw-r--r-- | fs/jffs2/scan.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/jffs2/scan.c b/fs/jffs2/scan.c index 7654e87b0428..9ad5ba4b299b 100644 --- a/fs/jffs2/scan.c +++ b/fs/jffs2/scan.c @@ -510,6 +510,10 @@ static int jffs2_scan_eraseblock (struct jffs2_sb_info *c, struct jffs2_eraseblo sumlen = c->sector_size - je32_to_cpu(sm->offset); sumptr = buf + buf_size - sumlen; + /* sm->offset maybe wrong but MAGIC maybe right */ + if (sumlen > c->sector_size) + goto full_scan; + /* Now, make sure the summary itself is available */ if (sumlen > buf_size) { /* Need to kmalloc for this. */ @@ -544,6 +548,7 @@ static int jffs2_scan_eraseblock (struct jffs2_sb_info *c, struct jffs2_eraseblo } } +full_scan: buf_ofs = jeb->offset; if (!buf_size) { |