p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

xfs: avoid null *src in memcpy call in xlog_write 

The gcc undefined behavior sanitizer caught this; surely
any sane memcpy implementation will no-op if size == 0,
but behavior with a *src of NULL is technically undefined
(declared nonnull), so avoid it here.

We are actually in this situation frequently via
xlog_commit_record(), because:

        struct xfs_log_iovec reg = {
                .i_addr = NULL,
                .i_len = 0,
                .i_type = XLOG_REG_TYPE_COMMIT,
        };

Reported-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
This commit is contained in:
Eric Sandeen 2015-10-12 16:04:15 +11:00 committed by Dave Chinner
parent dbd5c8c9a2
commit 91f9f5fe1e
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
fs/xfs/xfs_log.c
View File

@ -2422,11 +2422,20 @@ xlog_write(
&partial_copy_len); &partial_copy_len);
xlog_verify_dest_ptr(log, ptr); xlog_verify_dest_ptr(log, ptr);
/* copy region */ /*
* Copy region.
*
* Unmount records just log an opheader, so can have
* empty payloads with no data region to copy. Hence we
* only copy the payload if the vector says it has data
* to copy.
*/
ASSERT(copy_len >= 0); ASSERT(copy_len >= 0);
memcpy(ptr, reg->i_addr + copy_off, copy_len); if (copy_len > 0) {
xlog_write_adv_cnt(&ptr, &len, &log_offset, copy_len); memcpy(ptr, reg->i_addr + copy_off, copy_len);
xlog_write_adv_cnt(&ptr, &len, &log_offset,
copy_len);
}
copy_len += start_rec_copy + sizeof(xlog_op_header_t); copy_len += start_rec_copy + sizeof(xlog_op_header_t);
record_cnt++; record_cnt++;
data_cnt += contwr ? copy_len : 0; data_cnt += contwr ? copy_len : 0;