Avoid reading past buffer when calling GETACL
[zen-stable.git] / fs / squashfs / block.c
blobed0eb2a921f4bdb654bca99407b542db061b0054
1 /*
2 * Squashfs - a compressed read only filesystem for Linux
4 * Copyright (c) 2002, 2003, 2004, 2005, 2006, 2007, 2008
5 * Phillip Lougher <phillip@squashfs.org.uk>
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2,
10 * or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
21 * block.c
25 * This file implements the low-level routines to read and decompress
26 * datablocks and metadata blocks.
29 #include <linux/fs.h>
30 #include <linux/vfs.h>
31 #include <linux/slab.h>
32 #include <linux/string.h>
33 #include <linux/buffer_head.h>
35 #include "squashfs_fs.h"
36 #include "squashfs_fs_sb.h"
37 #include "squashfs.h"
38 #include "decompressor.h"
41 * Read the metadata block length, this is stored in the first two
42 * bytes of the metadata block.
44 static struct buffer_head *get_block_length(struct super_block *sb,
45 u64 *cur_index, int *offset, int *length)
47 struct squashfs_sb_info *msblk = sb->s_fs_info;
48 struct buffer_head *bh;
50 bh = sb_bread(sb, *cur_index);
51 if (bh == NULL)
52 return NULL;
54 if (msblk->devblksize - *offset == 1) {
55 *length = (unsigned char) bh->b_data[*offset];
56 put_bh(bh);
57 bh = sb_bread(sb, ++(*cur_index));
58 if (bh == NULL)
59 return NULL;
60 *length |= (unsigned char) bh->b_data[0] << 8;
61 *offset = 1;
62 } else {
63 *length = (unsigned char) bh->b_data[*offset] |
64 (unsigned char) bh->b_data[*offset + 1] << 8;
65 *offset += 2;
67 if (*offset == msblk->devblksize) {
68 put_bh(bh);
69 bh = sb_bread(sb, ++(*cur_index));
70 if (bh == NULL)
71 return NULL;
72 *offset = 0;
76 return bh;
81 * Read and decompress a metadata block or datablock. Length is non-zero
82 * if a datablock is being read (the size is stored elsewhere in the
83 * filesystem), otherwise the length is obtained from the first two bytes of
84 * the metadata block. A bit in the length field indicates if the block
85 * is stored uncompressed in the filesystem (usually because compression
86 * generated a larger block - this does occasionally happen with zlib).
88 int squashfs_read_data(struct super_block *sb, void **buffer, u64 index,
89 int length, u64 *next_index, int srclength, int pages)
91 struct squashfs_sb_info *msblk = sb->s_fs_info;
92 struct buffer_head **bh;
93 int offset = index & ((1 << msblk->devblksize_log2) - 1);
94 u64 cur_index = index >> msblk->devblksize_log2;
95 int bytes, compressed, b = 0, k = 0, page = 0, avail;
97 bh = kcalloc(((srclength + msblk->devblksize - 1)
98 >> msblk->devblksize_log2) + 1, sizeof(*bh), GFP_KERNEL);
99 if (bh == NULL)
100 return -ENOMEM;
102 if (length) {
104 * Datablock.
106 bytes = -offset;
107 compressed = SQUASHFS_COMPRESSED_BLOCK(length);
108 length = SQUASHFS_COMPRESSED_SIZE_BLOCK(length);
109 if (next_index)
110 *next_index = index + length;
112 TRACE("Block @ 0x%llx, %scompressed size %d, src size %d\n",
113 index, compressed ? "" : "un", length, srclength);
115 if (length < 0 || length > srclength ||
116 (index + length) > msblk->bytes_used)
117 goto read_failure;
119 for (b = 0; bytes < length; b++, cur_index++) {
120 bh[b] = sb_getblk(sb, cur_index);
121 if (bh[b] == NULL)
122 goto block_release;
123 bytes += msblk->devblksize;
125 ll_rw_block(READ, b, bh);
126 } else {
128 * Metadata block.
130 if ((index + 2) > msblk->bytes_used)
131 goto read_failure;
133 bh[0] = get_block_length(sb, &cur_index, &offset, &length);
134 if (bh[0] == NULL)
135 goto read_failure;
136 b = 1;
138 bytes = msblk->devblksize - offset;
139 compressed = SQUASHFS_COMPRESSED(length);
140 length = SQUASHFS_COMPRESSED_SIZE(length);
141 if (next_index)
142 *next_index = index + length + 2;
144 TRACE("Block @ 0x%llx, %scompressed size %d\n", index,
145 compressed ? "" : "un", length);
147 if (length < 0 || length > srclength ||
148 (index + length) > msblk->bytes_used)
149 goto block_release;
151 for (; bytes < length; b++) {
152 bh[b] = sb_getblk(sb, ++cur_index);
153 if (bh[b] == NULL)
154 goto block_release;
155 bytes += msblk->devblksize;
157 ll_rw_block(READ, b - 1, bh + 1);
160 if (compressed) {
161 length = squashfs_decompress(msblk, buffer, bh, b, offset,
162 length, srclength, pages);
163 if (length < 0)
164 goto read_failure;
165 } else {
167 * Block is uncompressed.
169 int i, in, pg_offset = 0;
171 for (i = 0; i < b; i++) {
172 wait_on_buffer(bh[i]);
173 if (!buffer_uptodate(bh[i]))
174 goto block_release;
177 for (bytes = length; k < b; k++) {
178 in = min(bytes, msblk->devblksize - offset);
179 bytes -= in;
180 while (in) {
181 if (pg_offset == PAGE_CACHE_SIZE) {
182 page++;
183 pg_offset = 0;
185 avail = min_t(int, in, PAGE_CACHE_SIZE -
186 pg_offset);
187 memcpy(buffer[page] + pg_offset,
188 bh[k]->b_data + offset, avail);
189 in -= avail;
190 pg_offset += avail;
191 offset += avail;
193 offset = 0;
194 put_bh(bh[k]);
198 kfree(bh);
199 return length;
201 block_release:
202 for (; k < b; k++)
203 put_bh(bh[k]);
205 read_failure:
206 ERROR("squashfs_read_data failed to read block 0x%llx\n",
207 (unsigned long long) index);
208 kfree(bh);
209 return -EIO;