HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / affs / dir.c
blobac4f318aafba875a6df22b4ce3784f8f00278044
1 /*
2 * linux/fs/affs/dir.c
4 * (c) 1996 Hans-Joachim Widmaier - Rewritten
6 * (C) 1993 Ray Burr - Modified for Amiga FFS filesystem.
8 * (C) 1992 Eric Youngdale Modified for ISO 9660 filesystem.
10 * (C) 1991 Linus Torvalds - minix filesystem
12 * affs directory handling functions
16 #include "affs.h"
18 static int affs_readdir(struct file *, struct dir_context *);
20 const struct file_operations affs_dir_operations = {
21 .read = generic_read_dir,
22 .llseek = generic_file_llseek,
23 .iterate = affs_readdir,
24 .fsync = affs_file_fsync,
28 * directories can handle most operations...
30 const struct inode_operations affs_dir_inode_operations = {
31 .create = affs_create,
32 .lookup = affs_lookup,
33 .link = affs_link,
34 .unlink = affs_unlink,
35 .symlink = affs_symlink,
36 .mkdir = affs_mkdir,
37 .rmdir = affs_rmdir,
38 .rename = affs_rename,
39 .setattr = affs_notify_change,
42 static int
43 affs_readdir(struct file *file, struct dir_context *ctx)
45 struct inode *inode = file_inode(file);
46 struct super_block *sb = inode->i_sb;
47 struct buffer_head *dir_bh = NULL;
48 struct buffer_head *fh_bh = NULL;
49 unsigned char *name;
50 int namelen;
51 u32 i;
52 int hash_pos;
53 int chain_pos;
54 u32 ino;
55 int error = 0;
57 pr_debug("%s(ino=%lu,f_pos=%llx)\n", __func__, inode->i_ino, ctx->pos);
59 if (ctx->pos < 2) {
60 file->private_data = (void *)0;
61 if (!dir_emit_dots(file, ctx))
62 return 0;
65 affs_lock_dir(inode);
66 chain_pos = (ctx->pos - 2) & 0xffff;
67 hash_pos = (ctx->pos - 2) >> 16;
68 if (chain_pos == 0xffff) {
69 affs_warning(sb, "readdir", "More than 65535 entries in chain");
70 chain_pos = 0;
71 hash_pos++;
72 ctx->pos = ((hash_pos << 16) | chain_pos) + 2;
74 dir_bh = affs_bread(sb, inode->i_ino);
75 if (!dir_bh)
76 goto out_unlock_dir;
78 /* If the directory hasn't changed since the last call to readdir(),
79 * we can jump directly to where we left off.
81 ino = (u32)(long)file->private_data;
82 if (ino && file->f_version == inode->i_version) {
83 pr_debug("readdir() left off=%d\n", ino);
84 goto inside;
87 ino = be32_to_cpu(AFFS_HEAD(dir_bh)->table[hash_pos]);
88 for (i = 0; ino && i < chain_pos; i++) {
89 fh_bh = affs_bread(sb, ino);
90 if (!fh_bh) {
91 affs_error(sb, "readdir","Cannot read block %d", i);
92 error = -EIO;
93 goto out_brelse_dir;
95 ino = be32_to_cpu(AFFS_TAIL(sb, fh_bh)->hash_chain);
96 affs_brelse(fh_bh);
97 fh_bh = NULL;
99 if (ino)
100 goto inside;
101 hash_pos++;
103 for (; hash_pos < AFFS_SB(sb)->s_hashsize; hash_pos++) {
104 ino = be32_to_cpu(AFFS_HEAD(dir_bh)->table[hash_pos]);
105 if (!ino)
106 continue;
107 ctx->pos = (hash_pos << 16) + 2;
108 inside:
109 do {
110 fh_bh = affs_bread(sb, ino);
111 if (!fh_bh) {
112 affs_error(sb, "readdir",
113 "Cannot read block %d", ino);
114 break;
117 namelen = min(AFFS_TAIL(sb, fh_bh)->name[0],
118 (u8)AFFSNAMEMAX);
119 name = AFFS_TAIL(sb, fh_bh)->name + 1;
120 pr_debug("readdir(): dir_emit(\"%.*s\", ino=%u), hash=%d, f_pos=%llx\n",
121 namelen, name, ino, hash_pos, ctx->pos);
123 if (!dir_emit(ctx, name, namelen, ino, DT_UNKNOWN))
124 goto done;
125 ctx->pos++;
126 ino = be32_to_cpu(AFFS_TAIL(sb, fh_bh)->hash_chain);
127 affs_brelse(fh_bh);
128 fh_bh = NULL;
129 } while (ino);
131 done:
132 file->f_version = inode->i_version;
133 file->private_data = (void *)(long)ino;
134 affs_brelse(fh_bh);
136 out_brelse_dir:
137 affs_brelse(dir_bh);
139 out_unlock_dir:
140 affs_unlock_dir(inode);
141 return error;