diff mbox series

lib/iov_iter.c: initialize bi.bi_idx before iterating over bvec

Message ID 20241031110224.293343-1-ming.lei@redhat.com (mailing list archive)
State New
Headers show
Series lib/iov_iter.c: initialize bi.bi_idx before iterating over bvec | expand

Commit Message

Ming Lei Oct. 31, 2024, 11:02 a.m. UTC 
Initialize bi.bi_idx as 0 before iterating over bvec, otherwise
garbage data can be used as ->bi_idx.

Cc: Christoph Hellwig <hch@lst.de>
Reported-and-tested-by: Klara Modin <klarasmodin@gmail.com>
Fixes: e4e535bff2bc ("iov_iter: don't require contiguous pages in iov_iter_extract_bvec_pages")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
---
 lib/iov_iter.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Christoph Hellwig Oct. 31, 2024, 12:58 p.m. UTC | #1 
On Thu, Oct 31, 2024 at 07:02:24PM +0800, Ming Lei wrote:
> Initialize bi.bi_idx as 0 before iterating over bvec, otherwise
> garbage data can be used as ->bi_idx.
> 
> Cc: Christoph Hellwig <hch@lst.de>
> Reported-and-tested-by: Klara Modin <klarasmodin@gmail.com>
> Fixes: e4e535bff2bc ("iov_iter: don't require contiguous pages in iov_iter_extract_bvec_pages")
> Signed-off-by: Ming Lei <ming.lei@redhat.com>
> ---
>  lib/iov_iter.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/lib/iov_iter.c b/lib/iov_iter.c
> index 9fc06f5fb748..c761f6db3cb4 100644
> --- a/lib/iov_iter.c
> +++ b/lib/iov_iter.c
> @@ -1699,6 +1699,7 @@ static ssize_t iov_iter_extract_bvec_pages(struct iov_iter *i,
>  		i->bvec++;
>  		skip = 0;
>  	}
> +	bi.bi_idx = 0;

Looks good, but the more future proof variant would be to
initialize bi to zero at declaration time:

	struct bvec_iter bi = { };

Either way:

Reviewed-by: Christoph Hellwig <hch@lst.de>
Jens Axboe Oct. 31, 2024, 1:41 p.m. UTC | #2 
On 10/31/24 5:02 AM, Ming Lei wrote:
> Initialize bi.bi_idx as 0 before iterating over bvec, otherwise
> garbage data can be used as ->bi_idx.

For some reason this wasn't on lore, so manual reply to say that I
applied it.
diff mbox series

Patch

diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index 9fc06f5fb748..c761f6db3cb4 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -1699,6 +1699,7 @@  static ssize_t iov_iter_extract_bvec_pages(struct iov_iter *i,
 		i->bvec++;
 		skip = 0;
 	}
+	bi.bi_idx = 0;
 	bi.bi_size = maxsize + skip;
 	bi.bi_bvec_done = skip;