linux/fs
Trond Myklebust e9f7bee1df [PATCH] NFS: large non-page-aligned direct I/O clobbers memory
The logic in nfs_direct_read_schedule and nfs_direct_write_schedule can
allow data->npages to be one larger than rpages.  This causes a page
pointer to be written beyond the end of the pagevec in nfs_read_data (or
nfs_write_data).

Fix this by making nfs_(read|write)_alloc() calculate the size of the
pagevec array, and initialise data->npages.

Also get rid of the redundant argument to nfs_commit_alloc().

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-09-08 10:22:51 -07:00
..
9p [PATCH] 9p: fix fid behavior on failed remove 2006-07-31 13:28:44 -07:00
adfs [PATCH] adfs error message fix 2006-08-14 12:54:28 -07:00
affs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
afs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
autofs
autofs4
befs [PATCH] Fix BeFS slab corruption 2006-08-06 08:57:48 -07:00
bfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
cifs [CIFS] Do not send Query All EAs SMB when mount option nouser_xattr 2006-08-16 19:44:25 +00:00
coda [PATCH] Remove incorrect unlock_kernel from allocation failure path in coda_open() 2006-07-31 13:28:41 -07:00
configfs configfs: Clear up a few extra spaces where there should be TABs. 2006-06-29 14:43:01 -07:00
cramfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
debugfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
devpts
efs [PATCH] efs: Remove incorrect unlock_kernel from failure path in efs_symlink_readpage() 2006-07-31 13:28:41 -07:00
exportfs
ext2 [PATCH] ext2: prevent div-by-zero on corrupted fs 2006-08-27 11:01:30 -07:00
ext3 [PATCH] ext3_getblk() should handle HOLE correctly 2006-09-08 10:22:50 -07:00
fat [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
freevxfs [PATCH] freevxfs: Add missing lock_kernel() to vxfs_readdir 2006-07-31 13:28:44 -07:00
fuse [PATCH] fuse: fix error case in fuse_readpages 2006-08-14 12:54:29 -07:00
hfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
hfsplus Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
hostfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
hpfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
hppfs
hugetlbfs [PATCH] mmap zero-length hugetlb file with PROT_NONE to protect a hugetlb virtual area 2006-07-10 13:24:21 -07:00
isofs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
jbd [PATCH] manage-jbd-its-own-slab fix 2006-09-01 11:39:10 -07:00
jffs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
jffs2 Merge git://git.infradead.org/mtd-2.6 2006-07-03 21:29:08 -07:00
jfs JFS: Fix bug in quota code. tmp_bh.b_size must be initialized 2006-07-28 08:46:05 -05:00
lockd LOCKD: Fix a deadlock in nlm_traverse_files() 2006-08-24 15:51:00 -04:00
minix [PATCH] Fix for minix crash 2006-08-27 11:01:30 -07:00
msdos
ncpfs Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-06-30 15:39:30 -07:00
nfs [PATCH] NFS: large non-page-aligned direct I/O clobbers memory 2006-09-08 10:22:51 -07:00
nfs_common [PATCH] nfsacl: Solaris VxFS compatibility fix 2005-10-11 09:46:54 -07:00
nfsd [PATCH] knfsd: Fix stale file handle problem with subtree_checking. 2006-07-31 13:28:37 -07:00
nls Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ntfs [PATCH] lockdep: annotate NTFS locking rules 2006-07-03 15:27:08 -07:00
ocfs2 ocfs2: allocation hints 2006-08-07 11:07:01 -07:00
openpromfs
partitions [DISKLABEL] SUN: Fix signed int usage for sector count 2006-08-26 17:55:55 -07:00
proc [PATCH] /proc/meminfo: don't put spaces in names 2006-08-27 11:01:33 -07:00
qnx4 Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ramfs [PATCH] NOMMU: Fix execution off of ramfs with mmap() 2006-07-10 13:24:21 -07:00
reiserfs [PATCH] lockdep: annotate reiserfs 2006-08-27 11:01:32 -07:00
romfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
smbfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
sysfs [PATCH] lockdep: annotate the sysfs i_mutex to be a separate class 2006-07-12 12:52:54 -07:00
sysv [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
udf Fix possible UDF deadlock and memory corruption (CVE-2006-4145) 2006-08-22 12:52:23 -07:00
ufs [PATCH] ufs: truncate correction 2006-08-27 11:01:31 -07:00
vfat
xfs [XFS] Fix char size overflow in bmap_alloc call for unwritten extent 2006-08-30 13:41:58 +10:00
aio.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c [PATCH] FDPIC: Add coredump capability for the ELF-FDPIC binfmt 2006-07-10 13:24:22 -07:00
binfmt_elf.c [PATCH] FDPIC: Move roundup() into linux/kernel.h 2006-07-10 13:24:22 -07:00
binfmt_em86.c
binfmt_flat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
binfmt_misc.c
binfmt_script.c
binfmt_som.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
bio.c
block_dev.c [PATCH] lockdep: fix blkdev_open() warning 2006-08-27 11:01:29 -07:00
buffer.c [PATCH] invalidate_bdev() speedup 2006-07-31 13:28:38 -07:00
char_dev.c [PATCH] add function documentation for register_chrdev() 2006-07-14 21:53:54 -07:00
compat_ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
compat.c [PATCH] x86_64: Add compat_printk and sysctl to turn off compat layer warnings 2006-06-26 10:48:16 -07:00
dcache.c [PATCH] lockdep: annotate dcache 2006-07-03 15:27:06 -07:00
dcookies.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
direct-io.c [PATCH] lockdep: annotate direct io 2006-07-03 15:27:06 -07:00
dnotify.c [PATCH] Use __read_mostly on some hot fs variables 2006-03-26 08:56:56 -08:00
dquot.c
drop_caches.c
eventpoll.c [PATCH] eventpoll.c compile fix 2006-08-27 11:01:31 -07:00
exec.c [PATCH] fix up lockdep trace in fs/exec.c 2006-08-27 11:01:32 -07:00
fcntl.c
fifo.c
file_table.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
file.c [PATCH] alloc_fdtable() expansion fix 2006-07-12 12:52:55 -07:00
filesystems.c
fs-writeback.c [PATCH] zoned vm counters: conversion of nr_unstable to per zone counter 2006-06-30 11:25:36 -07:00
inode.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-06-30 15:39:30 -07:00
inotify_user.c [PATCH] inotify: fix deadlock found by lockdep 2006-07-31 13:28:41 -07:00
inotify.c
ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ioprio.c [PATCH] uninline ioprio_best() 2006-08-21 10:02:50 +02:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6 2006-07-13 16:38:58 -07:00
Kconfig.binfmt
libfs.c
locks.c [PATCH] fcntl(F_SETSIG) fix 2006-08-14 13:10:59 -07:00
Makefile [PATCH] devfs: Remove devfs from the kernel tree 2006-06-26 12:25:05 -07:00
mbcache.c
mpage.c
namei.c VFS: Fix access("file", X_OK) in the presence of ACLs 2006-08-24 15:54:58 -04:00
namespace.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
nfsctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
open.c
pipe.c
pnode.c
pnode.h
posix_acl.c
quota_v1.c
quota_v2.c
quota.c
read_write.c [PATCH] fs/read_write.c: EXPORT_UNUSED_SYMBOL 2006-07-10 13:24:18 -07:00
readdir.c
select.c
seq_file.c
splice.c [PATCH] splice: fix problems with sys_tee() 2006-07-10 11:00:01 +02:00
stat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
super.c [PATCH] add missing desctiption in super.c 2006-09-06 11:00:01 -07:00
sync.c
xattr_acl.c
xattr.c