From: Artem Bityutskiy Date: Wed, 16 Jul 2014 12:22:29 +0000 (+0300) Subject: UBIFS: fix free log space calculation X-Git-Tag: firefly_0821_release~176^2~3039^2~15 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=ba29e721eb2df6df8f33c1f248388bb037a47914;p=firefly-linux-kernel-4.4.55.git UBIFS: fix free log space calculation Hu (hujianyang ) discovered an issue in the 'empty_log_bytes()' function, which calculates how many bytes are left in the log: " If 'c->lhead_lnum + 1 == c->ltail_lnum' and 'c->lhead_offs == c->leb_size', 'h' would equalent to 't' and 'empty_log_bytes()' would return 'c->log_bytes' instead of 0. " At this point it is not clear what would be the consequences of this, and whether this may lead to any problems, but this patch addresses the issue just in case. Cc: stable@vger.kernel.org Tested-by: hujianyang Reported-by: hujianyang Signed-off-by: Artem Bityutskiy --- diff --git a/fs/ubifs/log.c b/fs/ubifs/log.c index 9bd4aafd5c6f..c14628fbeee2 100644 --- a/fs/ubifs/log.c +++ b/fs/ubifs/log.c @@ -106,10 +106,14 @@ static inline long long empty_log_bytes(const struct ubifs_info *c) h = (long long)c->lhead_lnum * c->leb_size + c->lhead_offs; t = (long long)c->ltail_lnum * c->leb_size; - if (h >= t) + if (h > t) return c->log_bytes - h + t; - else + else if (h != t) return t - h; + else if (c->lhead_lnum != c->ltail_lnum) + return 0; + else + return c->log_bytes; } /**