Re: fat32 possible oops when fs is corrupted

Gordon Chaffee (chaffee@cs.berkeley.edu)
Fri, 27 Mar 1998 01:11:19 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aaron M. Ucko: "Re: ESC [12m"
Previous message: Alan Modra: "linux asm-i386 fixes"

Alexander V. Lukyanov writes:
> It is the following code in fs/fat/inode.c:
>
> MSDOS_SB(sb)->fsinfo_offset =
> CF_LE_W(b->info_sector) * logical_sector_size + 0x1e0;
> fsinfo = (struct fat_boot_fsinfo *)
> &bh->b_data[MSDOS_SB(sb)->fsinfo_offset];
>
> When fs is corrupted, fsinfo_offset can be too large and lead to
> reference to invalid memory.

I've got this fixed in my tree, but I haven't sent a patch to Linus yet.

- Gordon

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Aaron M. Ucko: "Re: ESC [12m"
Previous message: Alan Modra: "linux asm-i386 fixes"