remarkable-linux/fs
OGAWA Hirofumi c483bab099 fat: fix VFAT compat ioctls on 64-bit systems
If you compile and run the below test case in an msdos or vfat directory on
an x86-64 system with -m32 you'll get garbage in the kernel_dirent struct
followed by a SIGSEGV.

The patch fixes this.

Reported and initial fix by Bart Oldeman

#include <sys/types.h>
#include <sys/ioctl.h>
#include <dirent.h>
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>

/* long is 4 bytes when built with -m32 and 8 bytes on native x86-64 */
struct kernel_dirent {
	long		d_ino;
	long		d_off;
	unsigned short	d_reclen;
	char		d_name[256]; /* We must not include limits.h! */
};
#define VFAT_IOCTL_READDIR_BOTH  _IOR('r', 1, struct kernel_dirent [2])
#define VFAT_IOCTL_READDIR_SHORT  _IOR('r', 2, struct kernel_dirent [2])

int main(void)
{
	int fd = open(".", O_RDONLY);
	struct kernel_dirent de[2];

	if (fd == -1) {
		perror("open");
		return 1;
	}

	while (1) {
		/* de[0] receives the short (8.3) entry, de[1] the long-name entry */
		int i = ioctl(fd, VFAT_IOCTL_READDIR_BOTH, (long)de);
		if (i == -1) break;
		if (de[0].d_reclen == 0) break;
		/* d_off and d_ino are long, so print them with %ld */
		printf("SFN: reclen=%2d off=%ld ino=%ld, %-12s",
		       de[0].d_reclen, de[0].d_off, de[0].d_ino, de[0].d_name);
		if (de[1].d_reclen)
			printf("\tLFN: reclen=%2d off=%ld ino=%ld, %s",
			       de[1].d_reclen, de[1].d_off, de[1].d_ino, de[1].d_name);
		printf("\n");
	}
	close(fd);
	return 0;
}

Signed-off-by: Bart Oldeman <bartoldeman@users.sourceforge.net>
Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-08 11:15:14 -07:00
..
9p header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
adfs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
affs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
afs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
autofs
autofs4 header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
befs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
bfs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
cifs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
coda slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
configfs remove "struct subsystem" as it is no longer needed 2007-05-02 18:57:59 -07:00
cramfs mm: make read_cache_page synchronous 2007-05-07 12:12:51 -07:00
debugfs remove "struct subsystem" as it is no longer needed 2007-05-02 18:57:59 -07:00
devpts devpts: add fsnotify create event 2007-05-08 11:14:59 -07:00
dlm Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-nmw 2007-05-07 12:26:27 -07:00
ecryptfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
efs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
exportfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
ext2 ext3: copy i_flags to inode flags on write 2007-05-08 11:15:13 -07:00
ext3 ext3: copy i_flags to inode flags on write 2007-05-08 11:15:12 -07:00
ext4 header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
fat fat: fix VFAT compat ioctls on 64-bit systems 2007-05-08 11:15:14 -07:00
freevxfs freevxfs: possible null pointer dereference fix 2007-05-08 11:14:59 -07:00
fuse add filesystem subtype support 2007-05-08 11:15:01 -07:00
gfs2 header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
hfs is_power_of_2 in fs/hfs 2007-05-08 11:14:59 -07:00
hfsplus is_power_of_2 in fs/hfs 2007-05-08 11:14:59 -07:00
hostfs uml: hostfs style fixes 2007-05-08 11:14:57 -07:00
hpfs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
hppfs
hugetlbfs hugetlbfs: add NULL check in hugetlb_zero_setup() 2007-05-07 12:12:57 -07:00
isofs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
jbd jbd: check for error returned by kthread_create on creating journal thread 2007-05-08 11:15:13 -07:00
jbd2 jbd: check for error returned by kthread_create on creating journal thread 2007-05-08 11:15:13 -07:00
jffs2 slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
jfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
lockd header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
minix slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
msdos
ncpfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
nfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
nfs_common
nfsd header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
nls
ntfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
ocfs2 header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
openpromfs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
partitions partition: add support for sysv68 partitions 2007-05-08 11:15:09 -07:00
proc Remove redundant check from proc_sys_setattr() 2007-05-08 11:15:10 -07:00
qnx4 slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
ramfs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
reiserfs reiserfs: use __set_current_state() 2007-05-08 11:15:13 -07:00
romfs slab allocators: Remove SLAB_DEBUG_INITIAL flag 2007-05-07 12:12:57 -07:00
smbfs smbfs: remove unnecessary allow_signal 2007-05-08 11:15:11 -07:00
sysfs remove "struct subsystem" as it is no longer needed 2007-05-02 18:57:59 -07:00
sysv header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
udf header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
ufs header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
vfat
xfs mm: move common segment checks to separate helper function 2007-05-08 11:14:57 -07:00
aio.c KMEM_CACHE(): simplify slab cache creation 2007-05-07 12:12:55 -07:00
attr.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
bad_inode.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
binfmt_aout.c
binfmt_elf.c i386: sched.h inclusion from module.h is baack 2007-05-08 11:15:08 -07:00
binfmt_elf_fdpic.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
binfmt_em86.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
binfmt_flat.c
binfmt_misc.c
binfmt_script.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
binfmt_som.c
bio.c KMEM_CACHE(): simplify slab cache creation 2007-05-07 12:12:55 -07:00
block_dev.c is_power_of_2 in fs/block_dev.c 2007-05-08 11:14:59 -07:00
buffer.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
char_dev.c [PATCH] remove protection of LANANA-reserved majors 2007-04-04 21:12:47 -07:00
compat.c cleanup compat ioctl handling 2007-05-08 11:15:09 -07:00
compat_ioctl.c cleanup compat ioctl handling 2007-05-08 11:15:09 -07:00
dcache.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
dcookies.c
direct-io.c
dnotify.c
dquot.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
drop_caches.c
eventpoll.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
exec.c (re)register_binfmt returns with -EBUSY 2007-05-08 11:15:08 -07:00
fcntl.c
fifo.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
file.c
file_table.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
filesystems.c add filesystem subtype support 2007-05-08 11:15:01 -07:00
fs-writeback.c
generic_acl.c
inode.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
inotify.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
inotify_user.c
internal.h cleanup compat ioctl handling 2007-05-08 11:15:09 -07:00
ioctl.c vfs: remove superflous sb == NULL checks 2007-05-08 11:15:02 -07:00
ioprio.c
Kconfig reiserfs: proc support requires PROC_FS 2007-05-08 11:15:04 -07:00
Kconfig.binfmt blackfin architecture 2007-05-07 12:12:58 -07:00
libfs.c
locks.c Merge branch 'server-cluster-locking-api' of git://linux-nfs.org/~bfields/linux 2007-05-07 12:34:24 -07:00
Makefile
mbcache.c
mpage.c Factor outstanding I/O error handling 2007-05-08 11:14:57 -07:00
namei.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
namespace.c check privileges before setting mount propagation 2007-05-08 11:15:12 -07:00
nfsctl.c
no-block.c
open.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
pipe.c VFS: delay the dentry name generation on sockets and pipes 2007-05-08 11:15:03 -07:00
pnode.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
pnode.h
posix_acl.c
quota.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
quota_v1.c
quota_v2.c
read_write.c use use SEEK_MAX to validate user lseek arguments 2007-05-08 11:14:59 -07:00
read_write.h
readdir.c ROUND_UP macro cleanup in fs/(select|compat|readdir).c 2007-05-08 11:15:09 -07:00
select.c ROUND_UP macro cleanup in fs/(select|compat|readdir).c 2007-05-08 11:15:09 -07:00
seq_file.c
splice.c [PATCH] splice: partial write fix 2007-03-29 14:26:42 +02:00
stack.c
stat.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
super.c add filesystem subtype support 2007-05-08 11:15:01 -07:00
sync.c Remove do_sync_file_range() 2007-05-08 11:15:04 -07:00
utimes.c
xattr.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
xattr_acl.c