Fix for buffer overflow in ldm_frag_add not sufficient
[linux-2.6.git] / fs / partitions / osf.c
1 /*
2  *  fs/partitions/osf.c
3  *
4  *  Code extracted from drivers/block/genhd.c
5  *
6  *  Copyright (C) 1991-1998  Linus Torvalds
7  *  Re-organised Feb 1998 Russell King
8  */
9
10 #include "check.h"
11 #include "osf.h"
12
13 #define MAX_OSF_PARTITIONS 18
14
15 int osf_partition(struct parsed_partitions *state)
16 {
17         int i;
18         int slot = 1;
19         unsigned int npartitions;
20         Sector sect;
21         unsigned char *data;
22         struct disklabel {
23                 __le32 d_magic;
24                 __le16 d_type,d_subtype;
25                 u8 d_typename[16];
26                 u8 d_packname[16];
27                 __le32 d_secsize;
28                 __le32 d_nsectors;
29                 __le32 d_ntracks;
30                 __le32 d_ncylinders;
31                 __le32 d_secpercyl;
32                 __le32 d_secprtunit;
33                 __le16 d_sparespertrack;
34                 __le16 d_sparespercyl;
35                 __le32 d_acylinders;
36                 __le16 d_rpm, d_interleave, d_trackskew, d_cylskew;
37                 __le32 d_headswitch, d_trkseek, d_flags;
38                 __le32 d_drivedata[5];
39                 __le32 d_spare[5];
40                 __le32 d_magic2;
41                 __le16 d_checksum;
42                 __le16 d_npartitions;
43                 __le32 d_bbsize, d_sbsize;
44                 struct d_partition {
45                         __le32 p_size;
46                         __le32 p_offset;
47                         __le32 p_fsize;
48                         u8  p_fstype;
49                         u8  p_frag;
50                         __le16 p_cpg;
51                 } d_partitions[MAX_OSF_PARTITIONS];
52         } * label;
53         struct d_partition * partition;
54
55         data = read_part_sector(state, 0, &sect);
56         if (!data)
57                 return -1;
58
59         label = (struct disklabel *) (data+64);
60         partition = label->d_partitions;
61         if (le32_to_cpu(label->d_magic) != DISKLABELMAGIC) {
62                 put_dev_sector(sect);
63                 return 0;
64         }
65         if (le32_to_cpu(label->d_magic2) != DISKLABELMAGIC) {
66                 put_dev_sector(sect);
67                 return 0;
68         }
69         npartitions = le16_to_cpu(label->d_npartitions);
70         if (npartitions > MAX_OSF_PARTITIONS) {
71                 put_dev_sector(sect);
72                 return 0;
73         }
74         for (i = 0 ; i < npartitions; i++, partition++) {
75                 if (slot == state->limit)
76                         break;
77                 if (le32_to_cpu(partition->p_size))
78                         put_partition(state, slot,
79                                 le32_to_cpu(partition->p_offset),
80                                 le32_to_cpu(partition->p_size));
81                 slot++;
82         }
83         strlcat(state->pp_buf, "\n", PAGE_SIZE);
84         put_dev_sector(sect);
85         return 1;
86 }