1 /*
2 * dir.c
4 * PURPOSE
5 * Directory handling routines for the OSTA-UDF(tm) filesystem.
7 * COPYRIGHT
8 * This file is distributed under the terms of the GNU General Public
9 * License (GPL). Copies of the GPL can be obtained from:
10 * ftp://prep.ai.mit.edu/pub/gnu/GPL
11 * Each contributing author retains all rights to their own work.
13 * (C) 1998-2004 Ben Fennema
15 * HISTORY
17 * 10/05/98 dgb Split directory operations into its own file
18 * Implemented directory reads via do_udf_readdir
19 * 10/06/98 Made directory operations work!
20 * 11/17/98 Rewrote directory to support ICBTAG_FLAG_AD_LONG
21 * 11/25/98 blf Rewrote directory handling (readdir+lookup) to support reading
22 * across blocks.
23 * 12/12/98 Split out the lookup code to namei.c. bulk of directory
24 * code now in directory.c:udf_fileident_read.
27 #include "udfdecl.h"
29 #include <linux/string.h>
30 #include <linux/errno.h>
31 #include <linux/mm.h>
32 #include <linux/slab.h>
34 #include "udf_i.h"
35 #include "udf_sb.h"
/*
 * udf_readdir - emit the entries of a UDF directory into a dir_context.
 *
 * Emits "." when ctx->pos is 0, then walks the directory's file identifier
 * descriptors through udf_fileident_read() until nf_pos reaches the end of
 * the directory data, emitting ".." for the parent descriptor and a converted
 * name (udf_get_filename()) for every other entry that is not skipped.
 *
 * Position encoding used here: ctx->pos == 0 means "." has not been emitted
 * yet; otherwise ctx->pos == (byte position >> 2) + 1.
 *
 * Returns 0, or -ENOMEM / -ENOENT / -EIO when the setup steps fail. A NULL
 * result from udf_fileident_read() ends the walk with ret still 0.
 *
 * NOTE(review): liu and lfi are read from the descriptor copy in cfi and are
 * used below for pointer arithmetic and memcpy() sizes without any range
 * check in this function. Presumably udf_fileident_read() validates the
 * descriptor before returning it; confirm against that helper.
 */
static int udf_readdir(struct file *file, struct dir_context *ctx)
{
	struct inode *dir = file_inode(file);
	struct udf_inode_info *iinfo = UDF_I(dir);
	struct udf_fileident_bh fibh = { .sbh = NULL, .ebh = NULL};
	struct fileIdentDesc *fi = NULL;
	struct fileIdentDesc cfi;
	int block, iblock;
	loff_t nf_pos;
	int flen;
	unsigned char *fname = NULL;
	unsigned char *nameptr;
	uint16_t liu;
	uint8_t lfi;
	loff_t size = udf_ext0_offset(dir) + dir->i_size;
	struct buffer_head *tmp, *bha[16];
	struct kernel_lb_addr eloc;
	uint32_t elen;
	sector_t offset;
	int i, num, ret = 0;
	struct extent_position epos = { NULL, 0, {0, 0} };
	struct super_block *sb = dir->i_sb;

	if (ctx->pos == 0) {
		if (!dir_emit_dot(file, ctx))
			return 0;
		ctx->pos = 1;
	}
	/* Inverse of the "(nf_pos >> 2) + 1" encoding stored into ctx->pos. */
	nf_pos = (ctx->pos - 1) << 2;
	if (nf_pos >= size)
		goto out;

	/*
	 * One scratch buffer with two roles: reassembly area for a name that
	 * is split across two blocks, and output buffer of udf_get_filename().
	 */
	fname = kmalloc(UDF_NAME_LEN, GFP_NOFS);
	if (!fname) {
		ret = -ENOMEM;
		goto out;
	}

	if (nf_pos == 0)
		nf_pos = udf_ext0_offset(dir);

	fibh.soffset = fibh.eoffset = nf_pos & (sb->s_blocksize - 1);
	if (iinfo->i_alloc_type != ICBTAG_FLAG_AD_IN_ICB) {
		/* Map the block holding nf_pos; anything but a recorded extent fails. */
		if (inode_bmap(dir, nf_pos >> sb->s_blocksize_bits,
		    &epos, &eloc, &elen, &offset)
		    != (EXT_RECORDED_ALLOCATED >> 30)) {
			ret = -ENOENT;
			goto out;
		}
		block = udf_get_lb_pblock(sb, &eloc, offset);
		/*
		 * offset is advanced past the block just mapped. If the extent
		 * still has blocks left, epos.offset is moved back by one
		 * descriptor; otherwise offset restarts at 0.
		 */
		if ((++offset << sb->s_blocksize_bits) < elen) {
			if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_SHORT)
				epos.offset -= sizeof(struct short_ad);
			else if (iinfo->i_alloc_type ==
					ICBTAG_FLAG_AD_LONG)
				epos.offset -= sizeof(struct long_ad);
		} else {
			offset = 0;
		}

		if (!(fibh.sbh = fibh.ebh = udf_tread(sb, block))) {
			ret = -EIO;
			goto out;
		}

		/*
		 * Read-ahead, only when offset sits on a window boundary of
		 * 16 >> (s_blocksize_bits - 9) blocks. i starts at that window
		 * size and is only ever reduced, so num stays within bha[16].
		 * NOTE(review): the shift assumes s_blocksize_bits >= 9; confirm.
		 */
		if (!(offset & ((16 >> (sb->s_blocksize_bits - 9)) - 1))) {
			i = 16 >> (sb->s_blocksize_bits - 9);
			if (i + offset > (elen >> sb->s_blocksize_bits))
				i = (elen >> sb->s_blocksize_bits) - offset;
			for (num = 0; i > 0; i--) {
				block = udf_get_lb_pblock(sb, &eloc, offset + i);
				tmp = udf_tgetblk(sb, block);
				/* Queue only buffers that are neither up to date nor locked. */
				if (tmp && !buffer_uptodate(tmp) && !buffer_locked(tmp))
					bha[num++] = tmp;
				else
					brelse(tmp);
			}
			if (num) {
				ll_rw_block(READA, num, bha);
				/* References are dropped right after the request is issued. */
				for (i = 0; i < num; i++)
					brelse(bha[i]);
			}
		}
	}

	while (nf_pos < size) {
		struct kernel_lb_addr tloc;

		/* Record the position of the entry that is about to be read. */
		ctx->pos = (nf_pos >> 2) + 1;

		fi = udf_fileident_read(dir, &nf_pos, &fibh, &cfi, &epos, &eloc,
					&elen, &offset);
		/*
		 * NOTE(review): ret is still 0 on this path, so a failed read is
		 * not reported to the caller as an error.
		 */
		if (!fi)
			goto out;

		liu = le16_to_cpu(cfi.lengthOfImpUse);
		lfi = cfi.lengthFileIdent;

		if (fibh.sbh == fibh.ebh) {
			/* Descriptor lies in a single buffer: name follows the impUse area. */
			nameptr = fi->fileIdent + liu;
		} else {
			int poffset;	/* Unpadded ending offset */

			poffset = fibh.soffset + sizeof(struct fileIdentDesc) + liu + lfi;

			if (poffset >= lfi) {
				/* Whole name is addressed inside the ending buffer. */
				nameptr = (char *)(fibh.ebh->b_data + poffset - lfi);
			} else {
				/*
				 * Name is split: first lfi - poffset bytes come
				 * from fi, the remaining poffset bytes from the
				 * start of the ending buffer. lfi bytes in total
				 * land in fname (lfi is a uint8_t, so <= 255).
				 *
				 * NOTE(review): poffset is a signed int and is
				 * passed as a memcpy() size; this branch only
				 * establishes poffset < lfi, not poffset >= 0.
				 * Confirm udf_fileident_read() guarantees a
				 * non-negative value here and that UDF_NAME_LEN
				 * is at least 255.
				 */
				nameptr = fname;
				memcpy(nameptr, fi->fileIdent + liu,
				       lfi - poffset);
				memcpy(nameptr + lfi - poffset,
				       fibh.ebh->b_data, poffset);
			}
		}

		/* Deleted entries are skipped unless UDF_FLAG_UNDELETE is set on sb. */
		if ((cfi.fileCharacteristics & FID_FILE_CHAR_DELETED) != 0) {
			if (!UDF_QUERY_FLAG(sb, UDF_FLAG_UNDELETE))
				continue;
		}

		/* Hidden entries are skipped unless UDF_FLAG_UNHIDE is set on sb. */
		if ((cfi.fileCharacteristics & FID_FILE_CHAR_HIDDEN) != 0) {
			if (!UDF_QUERY_FLAG(sb, UDF_FLAG_UNHIDE))
				continue;
		}

		/* The parent descriptor is reported as "..". */
		if (cfi.fileCharacteristics & FID_FILE_CHAR_PARENT) {
			if (!dir_emit_dotdot(file, ctx))
				goto out;
			continue;
		}

		/*
		 * NOTE(review): in the split-name case nameptr == fname, so the
		 * input and output buffers are the same here; confirm that
		 * udf_get_filename() tolerates that.
		 */
		flen = udf_get_filename(sb, nameptr, lfi, fname, UDF_NAME_LEN);
		/* A negative length drops the entry without reporting an error. */
		if (flen < 0)
			continue;

		/* The emitted inode number is the block of the entry's ICB location. */
		tloc = lelb_to_cpu(cfi.icb.extLocation);
		iblock = udf_get_lb_pblock(sb, &tloc, 0);
		if (!dir_emit(ctx, fname, flen, iblock, DT_UNKNOWN))
			goto out;
	} /* end while */

	ctx->pos = (nf_pos >> 2) + 1;

out:
	/* ebh is released separately only when it is a different buffer than sbh. */
	if (fibh.sbh != fibh.ebh)
		brelse(fibh.ebh);
	/* Early exits reach this point with sbh, epos.bh and fname still NULL. */
	brelse(fibh.sbh);
	brelse(epos.bh);
	kfree(fname);

	return ret;
}
192 /* readdir and lookup functions */
193 const struct file_operations udf_dir_operations = {
194 .llseek = generic_file_llseek,
195 .read = generic_read_dir,
196 .iterate = udf_readdir,
197 .unlocked_ioctl = udf_ioctl,
198 .fsync = generic_file_fsync,