vsprintf will consume varargs on its own. Skipping them manually
results in garbage in the error buffer, or Oopses in the case of
pointers.
This patch removes the advancement and fixes a number of bugs where
crashes were observed as side effects of a regular error report.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-static char *is_there_reiserfs_struct(char *fmt, int *what, int *skip)
+static char *is_there_reiserfs_struct(char *fmt, int *what)
while ((k = strchr(k, '%')) != NULL) {
if (k[1] == 'k' || k[1] == 'K' || k[1] == 'h' || k[1] == 't' ||
k[1] == 'z' || k[1] == 'b' || k[1] == 'y' || k[1] == 'a') {
*what = k[1];
break;
}
while ((k = strchr(k, '%')) != NULL) {
if (k[1] == 'k' || k[1] == 'K' || k[1] == 'h' || k[1] == 't' ||
k[1] == 'z' || k[1] == 'b' || k[1] == 'y' || k[1] == 'a') {
*what = k[1];
break;
}
char *fmt1 = fmt_buf;
char *k;
char *p = error_buf;
char *fmt1 = fmt_buf;
char *k;
char *p = error_buf;
- while ((k = is_there_reiserfs_struct(fmt1, &what, &skip)) != NULL) {
+ while ((k = is_there_reiserfs_struct(fmt1, &what)) != NULL) {
*k = 0;
p += vsprintf(p, fmt1, args);
*k = 0;
p += vsprintf(p, fmt1, args);
- for (i = 0; i < skip; i++)
- j = va_arg(args, int);
-
switch (what) {
case 'k':
sprintf_le_key(p, va_arg(args, struct reiserfs_key *));
switch (what) {
case 'k':
sprintf_le_key(p, va_arg(args, struct reiserfs_key *));