udf: fix an uninitialized read bug and remove dead code

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In udf_lookup(), the pointer 'fi' is a local variable initialized by the
return value of the function call udf_find_entry(). However, if the macro
'UDF_RECOVERY' is defined, this variable will become uninitialized if the
else branch is not taken, which can potentially cause incorrect results in
the following execution.

To fix this issue, this patch drops the whole code in the ifdef
'UDF_RECOVERY' region, as it is dead code.

Signed-off-by: Wenwen Wang <wang6495@umn.edu>
Signed-off-by: Jan Kara <jack@suse.cz>

authored by

Wenwen Wang and committed by

Jan Kara 7 years ago 39416c58 5d552ad7

-15

1 changed file

expand all

udf

namei.c

-15

fs/udf/namei.c

··· 304 304 if (dentry->d_name.len > UDF_NAME_LEN) 305 305 return ERR_PTR(-ENAMETOOLONG); 306 306 307 - #ifdef UDF_RECOVERY 308 - /* temporary shorthand for specifying files by inode number */ 309 - if (!strncmp(dentry->d_name.name, ".B=", 3)) { 310 - struct kernel_lb_addr lb = { 311 - .logicalBlockNum = 0, 312 - .partitionReferenceNum = 313 - simple_strtoul(dentry->d_name.name + 3, 314 - NULL, 0), 315 - }; 316 - inode = udf_iget(dir->i_sb, lb); 317 - if (IS_ERR(inode)) 318 - return inode; 319 - } else 320 - #endif /* UDF_RECOVERY */ 321 - 322 307 fi = udf_find_entry(dir, &dentry->d_name, &fibh, &cfi); 323 308 if (IS_ERR(fi)) 324 309 return ERR_CAST(fi);