From patchwork Thu Aug  1 15:36:38 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dan Carpenter <dan.carpenter@oracle.com>
X-Patchwork-Id: 2837124
Return-Path: <ocfs2-devel-bounces@oss.oracle.com>
X-Original-To: patchwork-ocfs2-devel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.19.201])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 3A7029F3B9
	for <patchwork-ocfs2-devel@patchwork.kernel.org>;
	Thu,  1 Aug 2013 15:37:25 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id E156B20283
	for <patchwork-ocfs2-devel@patchwork.kernel.org>;
	Thu,  1 Aug 2013 15:37:23 +0000 (UTC)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 95BE620125
	for <patchwork-ocfs2-devel@patchwork.kernel.org>;
	Thu,  1 Aug 2013 15:37:22 +0000 (UTC)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238])
	by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1)
	with ESMTP id r71Fb8Jv011126
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Thu, 1 Aug 2013 15:37:09 GMT
Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51])
	by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	r71Fb3co023689
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Thu, 1 Aug 2013 15:37:04 GMT
Received: from localhost ([127.0.0.1] helo=oss.oracle.com)
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <ocfs2-devel-bounces@oss.oracle.com>)
	id 1V4uw3-0003Jp-TK; Thu, 01 Aug 2013 08:37:03 -0700
Received: from acsinet22.oracle.com ([141.146.126.238])
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <dan.carpenter@oracle.com>) id 1V4uvo-0003JU-Iq
	for ocfs2-devel@oss.oracle.com; Thu, 01 Aug 2013 08:36:48 -0700
Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231])
	by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	r71FalbW023098
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Thu, 1 Aug 2013 15:36:47 GMT
Received: from abhmt109.oracle.com (abhmt109.oracle.com [141.146.116.61])
	by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	r71Falq5023089; Thu, 1 Aug 2013 15:36:47 GMT
Received: from elgon.mountain (/41.202.233.182)
	by default (Oracle Beehive Gateway v4.0)
	with ESMTP ; Thu, 01 Aug 2013 08:36:46 -0700
Date: Thu, 1 Aug 2013 18:36:38 +0300
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Jeff Liu <jeff.liu@oracle.com>
Message-ID: <20130801153638.GA4887@elgon.mountain>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <51FA6C7A.9050407@oracle.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: David Weber <wb@munzinger.de>, Mark Fasheh <mfasheh@suse.com>,
	ocfs2-devel@oss.oracle.com
Subject: [Ocfs2-devel] [patch v3] ocfs2: ocfs2: fix recent memory corruption
	bug
X-BeenThere: ocfs2-devel@oss.oracle.com
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <ocfs2-devel.oss.oracle.com>
List-Unsubscribe: <https://oss.oracle.com/mailman/listinfo/ocfs2-devel>,
	<mailto:ocfs2-devel-request@oss.oracle.com?subject=unsubscribe>
List-Archive: <http://oss.oracle.com/pipermail/ocfs2-devel>
List-Post: <mailto:ocfs2-devel@oss.oracle.com>
List-Help: <mailto:ocfs2-devel-request@oss.oracle.com?subject=help>
List-Subscribe: <https://oss.oracle.com/mailman/listinfo/ocfs2-devel>,
	<mailto:ocfs2-devel-request@oss.oracle.com?subject=subscribe>
Sender: ocfs2-devel-bounces@oss.oracle.com
Errors-To: ocfs2-devel-bounces@oss.oracle.com
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
X-Spam-Status: No, score=-5.7 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

The pointer math in 6fdf3af1d2 "ocfs2: fix null pointer dereference in
ocfs2_dir_foreach_blk_id()" isn't correct so it will zero out the wrong
memory.  In fact, the memset isn't needed because the initializer will
set all these values to zero.

This patch also removes the "ctx.pos = 0" initialization because that
will be zeroed automatically as well.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Jie Liu <jeff.liu@oracle.com>
---
v2: remove the memset
v3: remove the ctx.pos = 0.

diff --git a/fs/ocfs2/dir.c b/fs/ocfs2/dir.c
index c91d986..30544ce 100644
--- a/fs/ocfs2/dir.c
+++ b/fs/ocfs2/dir.c
@@ -2154,12 +2154,8 @@ int ocfs2_empty_dir(struct inode *inode)
 	int ret;
 	struct ocfs2_empty_dir_priv priv = {
 		.ctx.actor = ocfs2_empty_dir_filldir,
-		.ctx.pos = 0,
 	};
 
-	memset(&priv + sizeof(struct dir_context), 0,
-	       sizeof(priv) - sizeof(struct dir_context));
-
 	if (ocfs2_dir_indexed(inode)) {
 		ret = ocfs2_empty_dir_dx(inode, &priv);
 		if (ret)