[U-Boot] fs: ext4: Fix journal overrun issue reported by Coverity

Message ID 1503282615-30802-1-git-send-email-trini@konsulko.com
State Accepted
Commit 10b078d83674ab0ced812da490f3c6d2261e1b79
Delegated to: Tom Rini
Commit Message

Tom Rini Aug. 21, 2017, 2:30 a.m. UTC
While &p_jdb[fs->blksz] is a valid expression (it points *one* char
sized element past the end of the array), e.g. &p_jdb[fs->blksz + 1] is
invalid (according to the C standard (C99/C11)).

Changing this to tag = (struct ext3_journal_block_tag *)(p_jdb + ofs);

Cc: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Suggested-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Reported-by: Coverity (CID: 165117, 165110)
Signed-off-by: Tom Rini <trini@konsulko.com>
---
Stefan, since this is your suggestion and message, if you want me to v2
with you as Author, I'd be quite happy to, thanks again!
---
 fs/ext4/ext4_journal.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Stefan Brüns Aug. 22, 2017, 3:14 p.m. UTC | #1
On Monday, 21 August 2017 04:30:15 CEST Tom Rini wrote:
> While &p_jdb[fs->blksz] is a valid expression (it points *one* char
> sized element past the end of the array), e.g. &p_jdb[fs->blksz + 1] is
> invalid (according to the C standard (C99/C11)).
> 
> Changing this to tag = (struct ext3_journal_block_tag *)(p_jdb + ofs);
> 
> Cc: Stefan Brüns <stefan.bruens@rwth-aachen.de>
> Suggested-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
> Reported-by: Coverity (CID: 165117, 165110)
> Signed-off-by: Tom Rini <trini@konsulko.com>
> ---
> Stefan, since this is your suggestion and message, if you want me to v2
> with you as Author, I'd be quite happy to, thanks again!

Hi Tom,

Whatever you like, both are fine with me.

Kind regards,

Stefan

PS:
Reviewed-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>

> ---
>  fs/ext4/ext4_journal.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/ext4/ext4_journal.c b/fs/ext4/ext4_journal.c
> index 5a25be4c8ac2..fed6287eac45 100644
> --- a/fs/ext4/ext4_journal.c
> +++ b/fs/ext4/ext4_journal.c
> @@ -355,7 +355,7 @@ void recover_transaction(int prev_desc_logical_no)
>  	ofs = sizeof(struct journal_header_t);
> 
>  	do {
> -		tag = (struct ext3_journal_block_tag *)&p_jdb[ofs];
> +		tag = (struct ext3_journal_block_tag *)(p_jdb + ofs);
>  		ofs += sizeof(struct ext3_journal_block_tag);
> 
>  		if (ofs > fs->blksz)
> @@ -466,7 +466,7 @@ int ext4fs_check_journal_state(int recovery_flag)
>  			ofs = sizeof(struct journal_header_t);
>  			do {
>  				tag = (struct ext3_journal_block_tag *)
> -				    &p_jdb[ofs];
> +				    (p_jdb + ofs);
>  				ofs += sizeof(struct ext3_journal_block_tag);
>  				if (ofs > fs->blksz)
>  					break;
Tom Rini Aug. 26, 2017, 8:46 p.m. UTC | #2
On Sun, Aug 20, 2017 at 10:30:15PM -0400, Tom Rini wrote:

> While &p_jdb[fs->blksz] is a valid expression (it points *one* char
> sized element past the end of the array), e.g. &p_jdb[fs->blksz + 1] is
> invalid (according to the C standard (C99/C11)).
> 
> Changing this to tag = (struct ext3_journal_block_tag *)(p_jdb + ofs);
> 
> Cc: Stefan Brüns <stefan.bruens@rwth-aachen.de>
> Suggested-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
> Reported-by: Coverity (CID: 165117, 165110)
> Signed-off-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>

Applied to u-boot/master, thanks!
Patch

diff --git a/fs/ext4/ext4_journal.c b/fs/ext4/ext4_journal.c
index 5a25be4c8ac2..fed6287eac45 100644
--- a/fs/ext4/ext4_journal.c
+++ b/fs/ext4/ext4_journal.c
@@ -355,7 +355,7 @@  void recover_transaction(int prev_desc_logical_no)
 	ofs = sizeof(struct journal_header_t);
 
 	do {
-		tag = (struct ext3_journal_block_tag *)&p_jdb[ofs];
+		tag = (struct ext3_journal_block_tag *)(p_jdb + ofs);
 		ofs += sizeof(struct ext3_journal_block_tag);
 
 		if (ofs > fs->blksz)
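Review bot: in recover_transaction the `if (ofs > fs->blksz)` test still runs only after `tag` has been formed and `ofs` advanced, so the bound is checked after the pointer computation it is meant to guard. C defines `&p_jdb[ofs]` as `p_jdb + ofs`, so the rewritten line yields the same pointer value as the removed one, and whether that pointer stays within one past the end of the block depends entirely on the range of `ofs`. Suggest testing that `ofs + sizeof(struct ext3_journal_block_tag) <= fs->blksz` before the assignment to `tag`, so that a tag which does not fit in the journal block is rejected before any pointer to it exists.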
@@ -466,7 +466,7 @@  int ext4fs_check_journal_state(int recovery_flag)
 			ofs = sizeof(struct journal_header_t);
 			do {
 				tag = (struct ext3_journal_block_tag *)
-				    &p_jdb[ofs];
+				    (p_jdb + ofs);
 				ofs += sizeof(struct ext3_journal_block_tag);
 				if (ofs > fs->blksz)
 					break;
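Review bot: the tag walk in ext4fs_check_journal_state repeats the one in recover_transaction (same cast, same `ofs += sizeof(struct ext3_journal_block_tag)`, same `ofs > fs->blksz` test), so any change to the bounds handling has to be made in both places and can drift. Consider moving it into one shared helper that returns the next tag, or NULL when fewer than `sizeof(struct ext3_journal_block_tag)` bytes remain in the block. A short comment at `(p_jdb + ofs)` recording that this form was chosen for Coverity CIDs 165117 and 165110 would also keep a later style cleanup from switching it back to `&p_jdb[ofs]`.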