projects / yaffs2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: d22f345)
yaffs: Fix issues kicked up by fuzz testing
authorCharles Manning <cdhmanning@gmail.com>
Wed, 4 Aug 2010 02:04:13 +0000 (14:04 +1200)
committerCharles Manning <cdhmanning@gmail.com>
Wed, 4 Aug 2010 02:04:13 +0000 (14:04 +1200)
Some more problems kicked up by fuzz testing:
* Further verification of chunk tags.
* If loading details for root dir or lost+found then don't change the
*  variant type since we know they are directories.

Signed-off-by: Charles Manning <cdhmanning@gmail.com>
yaffs_yaffs2.c patch | blob | history

diff --git a/yaffs_yaffs2.c b/yaffs_yaffs2.c
index ab175b9e24d3fbae9aa0afaf74e894c3670c49dd..94ba7df34541c72d75d58aa7ea74c214eeca32b3 100644 (file)
--- a/yaffs_yaffs2.c
+++ b/yaffs_yaffs2.c
@@ -1132,7 +1132,8 @@ int yaffs2_ScanBackwards(yaffs_Device *dev)
 
                        } else if (tags.objectId > YAFFS_MAX_OBJECT_ID ||
                                tags.chunkId > YAFFS_MAX_CHUNK_ID ||
-                               (tags.chunkId > 0 && tags.byteCount > dev->nDataBytesPerChunk)) {
+                               (tags.chunkId > 0 && tags.byteCount > dev->nDataBytesPerChunk) ||
+                               tags.sequenceNumber != bi->sequenceNumber ) {
                                T(YAFFS_TRACE_SCAN,
                                  (TSTR("Chunk (%d:%d) with bad tags:obj = %d, chunkId = %d, byteCount = %d, ignored"TENDSTR),
                                  blk, c,tags.objectId, tags.chunkId, tags.byteCount));
@@ -1313,7 +1314,6 @@ int yaffs2_ScanBackwards(yaffs_Device *dev)
                                        in->valid = 1;
 
                                        if (oh) {
-                                               in->variantType = oh->type;
 
                                                in->yst_mode = oh->yst_mode;
 #ifdef CONFIG_YAFFS_WINCE
@@ -1331,11 +1331,11 @@ int yaffs2_ScanBackwards(yaffs_Device *dev)
                                                in->yst_ctime = oh->yst_ctime;
                                                in->yst_rdev = oh->yst_rdev;
 
+                                               in->lazyLoaded = 0;
+
 #endif
-                                       } else {
-                                               in->variantType = tags.extraObjectType;
+                                       } else
                                                in->lazyLoaded = 1;
-                                       }
 
                                        in->hdrChunk = chunk;
 
The YAFFS2 repository.