[JFFS2] Fix unpoint length
authorAndy Lowe <alowe@mvista.com>
Fri, 12 Jan 2007 23:05:24 +0000 (18:05 -0500)
committerDavid Woodhouse <dwmw2@infradead.org>
Sun, 23 Sep 2007 17:41:17 +0000 (18:41 +0100)
Fix a couple of instances in JFFS2 where the unpoint() routine is
being called with the wrong length in cases where the point() routine
truncated a request.

Signed-off-by: Andy Lowe <alowe@mvista.com>
Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
fs/jffs2/erase.c
fs/jffs2/readinode.c
fs/jffs2/scan.c

index addd3fc0e8771f9762457bc205d35b45ad03c0ab..a1db9180633fcb3476757af80f22b3e6621f06d2 100644 (file)
@@ -340,7 +340,7 @@ static int jffs2_block_check_erase(struct jffs2_sb_info *c, struct jffs2_erasebl
                if (retlen < c->sector_size) {
                        /* Don't muck about if it won't let us point to the whole erase sector */
                        D1(printk(KERN_DEBUG "MTD point returned len too short: 0x%zx\n", retlen));
-                       c->mtd->unpoint(c->mtd, ebuf, jeb->offset, c->sector_size);
+                       c->mtd->unpoint(c->mtd, ebuf, jeb->offset, retlen);
                        goto do_flash_read;
                }
                wordebuf = ebuf-sizeof(*wordebuf);
index 8d4319c56b17e5dc815ef6143eac1a4e97f65808..2eae5d2dbebed3707bf9805675822527a922045e 100644 (file)
@@ -65,7 +65,7 @@ static int check_node_data(struct jffs2_sb_info *c, struct jffs2_tmp_dnode_info
                err = c->mtd->point(c->mtd, ofs, len, &retlen, &buffer);
                if (!err && retlen < tn->csize) {
                        JFFS2_WARNING("MTD point returned len too short: %zu instead of %u.\n", retlen, tn->csize);
-                       c->mtd->unpoint(c->mtd, buffer, ofs, len);
+                       c->mtd->unpoint(c->mtd, buffer, ofs, retlen);
                } else if (err)
                        JFFS2_WARNING("MTD point failed: error code %d.\n", err);
                else
index 59dd408e54326bb3b45cc746d326dee0cb943df0..35ef8d83366f1ab70f82436ec331ad5d62c13fec 100644 (file)
@@ -101,7 +101,7 @@ int jffs2_scan_medium(struct jffs2_sb_info *c)
                if (!ret && pointlen < c->mtd->size) {
                        /* Don't muck about if it won't let us point to the whole flash */
                        D1(printk(KERN_DEBUG "MTD point returned len too short: 0x%zx\n", pointlen));
-                       c->mtd->unpoint(c->mtd, flashbuf, 0, c->mtd->size);
+                       c->mtd->unpoint(c->mtd, flashbuf, 0, pointlen);
                        flashbuf = NULL;
                }
                if (ret)