search for: read_buf

...ged, 73 insertions(+), 108 deletions(-) diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c index eb4b458..2f43623 100644 --- a/fs/btrfs/send.c +++ b/fs/btrfs/send.c @@ -122,7 +122,6 @@ struct send_ctx { struct list_head name_cache_list; int name_cache_size; - struct file *cur_inode_filp; char *read_buf; }; @@ -2128,77 +2127,6 @@ out: } /* - * Called for regular files when sending extents data. Opens a struct file - * to read from the file. - */ -static int open_cur_inode_file(struct send_ctx *sctx) -{ - int ret = 0; - struct btrfs_key key; - struct path path; - struct inode *inode; - struc...

...nt N) { int ret; int total=0; @@ -272,7 +307,7 @@ static void readfd(int fd,char *buffer,i while (total < N) { io_flush(); - ret = read_unbuffered(fd,buffer + total,N-total); + ret = read_unbuffered (fd, buffer + total, N-total); total += ret; } @@ -322,14 +357,14 @@ void read_buf(int f,char *buf,int len) void read_sbuf(int f,char *buf,int len) { - read_buf(f,buf,len); + read_buf (f,buf,len); buf[len] = 0; } unsigned char read_byte(int f) { unsigned char c; - read_buf(f,(char *)&c,1); + read_buf (f, (char *)&c, 1); return c; } @@ -560,10 +595,10 @@...

...int32 ret; readfd(f,b,4); @@ -336,7 +343,7 @@ { extern int remote_version; int64 ret; - char b[8]; + unsigned char b[8]; ret = read_int(f); if ((int32)ret != (int32)0xffffffff) { @@ -356,13 +363,15 @@ return ret; } -void read_buf(int f,char *buf,int len) +void read_buf(int f, void *buf,int len) { readfd(f,buf,len); } -void read_sbuf(int f,char *buf,int len) +void read_sbuf(int f, void *buf1,int len) { +unsigned char * buf; + buf = (unsigned char *)buf1; read_buf (f,buf,len); buf[len]...

...edit Make room for trailing NULL and use read_sbuf $ ./rsync -v rsync version 3.1.3dev protocol version 31 code snippets are from receive_xattr in xattrs.c in receive_xattr a name is read from the sender. The sender sends the length of the name, and then sends the name. The name is read in via read_buf so it's not null terminated. 815 size_t name_len = read_varint(f); 826 read_buf(f, name, name_len); If the sender sent --filter that had an xattr filter then this name will be passed to name_is_excluded. 834 if (saw_xattr_filter) { 835 if (name_is_...

Hello, I'm currently try to get newhidups running with the newhidups driver from nut 2.0.2. After some USB issues (usb_claim_interface() works only as root so far) newhidups is recognizing the device. Though it doesn't detect any state changes, meaning when I run the battery test mode it's not recognized. I wanted to try the CVS version but it seems anonymous CVS is broken. The

...0x00007ffff791acc0 in __GI___chk_fail () at chk_fail.c:28 #5 0x00007ffff791ca17 in __fdelt_chk (d=d at entry=1606) at fdelt_chk.c:25 #6 0x0000555555584c78 in safe_read (fd=fd at entry=1606, buf=buf at entry=0x7fffffffa810 "\037", len=len at entry=4) at io.c:245 #7 0x0000555555585cfe in read_buf (f=f at entry=1606, buf=buf at entry=0x7fffffffa810 "\037", len=len at entry=4) at io.c:1815 #8 0x0000555555585ef6 in read_int (f=f at entry=1606) at io.c:1711 #9 0x00005555555876ed in setup_protocol (f_out=1605, f_in=1606) at compat.c:158 #10 0x0000555555576417 in client_run (f_in=1606...

...r */ + write_buf(local_socket, (char *)&offset, sizeof(offset)); + percent = offset * 100 / total_size; + } continue; } @@ -307,6 +328,12 @@ if (mapbuf) unmap_file(mapbuf); + if (f_in < 0) { + /* close fast copy handle -goldor */ + close(-f_in); + return 1; + } + read_buf(f_in, file_sum2, sum_len); if (verbose > 2) rprintf(FINFO,"got file_sum\n"); diff -au rsync-3.0.6/sender.c rsync-3.0.6.fast/sender.c --- rsync-3.0.6/sender.c 2009-04-12 22:48:59.000000000 +0300 +++ rsync-3.0.6.fast/sender.c 2009-09-23 22:24:59.000000000 +0300 @@ -35,6 +35,8 @@ ex...

...f87d7da3873 in select () from /lib/x86_64-linux-gnu/libc.so.6 #1 0x00007f87d88dd7a2 in perform_io (needed=needed at entry=4, flags=flags at entry=17) at io.c:742 #2 0x00007f87d88deef7 in raw_read_int () at io.c:908 #3 0x00007f87d88df683 in read_a_msg () at io.c:1423 #4 0x00007f87d88e0676 in read_buf (f=f at entry=4, buf=buf at entry=0x7ffd814c0df0 "\300\037L\201\375\177", len=len at entry=1) at io.c:1835 #5 0x00007f87d88e157b in read_ndx (f=f at entry=4) at io.c:2222 #6 0x00007f87d88be377 in read_ndx_and_attrs (f_in=4, f_out=6, iflag_ptr=0x7ffd814c0f28, type_ptr=0x7ffd814c0f27 &q...

...#1 0x0000003ad7e20264 in __gconv () from /lib64/libc.so.6 #2 0x0000003ad7e1f83c in iconv () from /lib64/libc.so.6 #3 0x000000000040d252 in iconvbufs () #4 0x0000000000423bce in rwrite () #5 0x0000000000423505 in rprintf () #6 0x000000000042b911 in whine_about_eof () #7 0x000000000042f5e2 in read_buf () #8 0x000000000042fde1 in read_int () #9 0x000000000043055d in setup_protocol () #10 0x000000000041ffb8 in client_run () #11 0x00000000004209c6 in main () Please let us know if any additional information is needed for debugging. Regards, Balveer Singh -- You are receiving this mail because:...

...tice any so here it goes: sender.c:receive_sums() s->count = read_int(f); .. s->sums = (struct sum_buf *)malloc(sizeof(s->sums[0])*s->count); if (!s->sums) out_of_memory("receive_sums"); for (i=0; i < (int) s->count;i++) { s->sums[i].sum1 = read_int(f); read_buf(f,s->sums[i].sum2,csum_length); .. If I read this right, given high enough s->count makes the malloc() parameter wraps around to a few bytes while still reading data past it. Exploiting is probably pretty difficult if at all possible. There would have to be some interesting data after the...

...: Thread no. 1 (10 frames) #0 utf8_internal_loop at ../iconv/loop.c:331 #1 __gconv_transform_utf8_internal at ../iconv/skeleton.c:611 #2 __gconv at gconv.c:79 #3 iconv at iconv.c:52 #4 iconvbufs at rsync.c:209 #5 rwrite at log.c:374 #6 rprintf at log.c:433 #7 whine_about_eof at io.c:222 #8 read_buf at io.c:1825 #9 read_int at io.c:1720 Full backtrace is available at https://bugzilla.redhat.com/attachment.cgi?id=913207 . -- Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.

...n __GI___chk_fail () at chk_fail.c:28 > #5 0x00007ffff791ca17 in __fdelt_chk (d=d at entry=1606) at fdelt_chk.c:25 > #6 0x0000555555584c78 in safe_read (fd=fd at entry=1606, > buf=buf at entry=0x7fffffffa810 "\037", len=len at entry=4) at io.c:245 > #7 0x0000555555585cfe in read_buf (f=f at entry=1606, > buf=buf at entry=0x7fffffffa810 "\037", len=len at entry=4) at io.c:1815 > #8 0x0000555555585ef6 in read_int (f=f at entry=1606) at io.c:1711 > #9 0x00005555555876ed in setup_protocol (f_out=1605, f_in=1606) at compat.c:158 > #10 0x0000555555576417 in c...

...len) 692 || (dget_len + extra_len + name_len < dget_len)) 693 overflow_exit("receive_xattr"); 694 ptr = new_array(char, dget_len + extra_len + name_len); 695 if (!ptr) 696 out_of_memory("receive_xattr"); 697 name = ptr + dget_len + extra_len; 698 read_buf(f, name, name_len); >From the code we can see that the security checks at line 691 and line 692 aim to filter integer overflows. Specifically, a handler, i.e. function "overflow_exit" will be invoked if the first addition "dget_len + extra_len" overflows (protected by the ch...

Hi all, today we had a performance issue transfering a big amount of data where one file was over 50GB. Rsync was tunneled over SSH and we expected the data to be synced within hours. However after over 10 hours the data is still not synced ... The sending box has rsync running with 60-80 % CPU load (2GHz Pentium 4) while the receiver is nearly idle. So far I had no acces to the poblematic

...m=%ld\n", - (long) s->count, (long) s->n, (long) s->remainder); + (long) s->count, (long) s->blength, + (long) s->remainder); if (s->count == 0) return(s); @@ -66,7 +79,7 @@ for (i=0; i < (int) s->count;i++) { s->sums[i].sum1 = read_int(f); - read_buf(f,s->sums[i].sum2,csum_length); + read_buf(f,s->sums[i].sum2,s->s2length); s->sums[i].offset = offset; s->sums[i].i = i; @@ -74,7 +87,7 @@ if (i == (int) s->count-1 && s->remainder != 0) { s->sums[i].len = s->remainder; } else { - s->sums[i...

...c int receive_data(int f_in,struct exit_cleanup(RERR_FILEIO); } + if (do_fsync && (fd != -1) && (fsync(fd) != 0)) { + rprintf(FERROR, "fsync failed on %s: %s\n", + full_fname(fname), strerror(errno)); + exit_cleanup(RERR_FILEIO); + } + sum_end(file_sum1); read_buf(f_in,file_sum2,MD4_SUM_LENGTH); @@ -458,7 +465,11 @@ int recv_files(int f_in,struct file_list if (fd1 != -1) { close(fd1); } - close(fd2); + if (close(fd2) != 0) { + rprintf(FERROR, "close failed on %s: %s\n", + full_fname(fnametmp), strerror(errno)); + exit_cleanup(RER...

Hello, My configuration is : Card 0 - kernel dummy sound card Card 1 - my soundcard I have a jackd running in background. My jackd launch command is : jackd --port-max 16 --realtime --no-mlock -d alsa --playback hw:1,0 --capture hw:1,0 --rate 8000 --period 1024 --shorts --inchannels 2 --outchannels 2 --dither triangular & 1 ) I open asterisk with chan_alsa.so connected (with asoundrc) to

...4 in start_daemon () #11 0x00030088 in daemon_main () #12 0x0001a52c in main () server child process: #0 0xff19db44 in _poll () from /usr/lib/libc.so.1 #1 0xff15236c in _select () from /usr/lib/libc.so.1 #2 0x000251e0 in read_timeout () #3 0x00025cc4 in readfd_unbuffered () #4 0x0002651c in read_buf () #5 0x00028058 in recv_token () #6 0x0001418c in receive_data () #7 0x00014c08 in recv_files () #8 0x0001948c in do_recv () #9 0x000197f4 in start_server () #10 0x0002fec4 in start_daemon () #11 0x00030088 in daemon_main () #12 0x0001a52c in main () [sorry about lack of full debugging data...

...m=%ld\n", - (long) s->count, (long) s->n, (long) s->remainder); + (long) s->count, (long) s->blength, + (long) s->remainder); if (s->count == 0) return(s); @@ -66,7 +79,7 @@ for (i=0; i < (int) s->count;i++) { s->sums[i].sum1 = read_int(f); - read_buf(f,s->sums[i].sum2,csum_length); + read_buf(f,s->sums[i].sum2,s->s2length); s->sums[i].offset = offset; s->sums[i].i = i; @@ -74,7 +87,7 @@ if (i == (int) s->count-1 && s->remainder != 0) { s->sums[i].len = s->remainder; } else { - s->sums[i...

...t; } +static int send_hole(struct send_ctx *sctx, u64 end) +{ + struct fs_path *p = NULL; + u64 offset = sctx->cur_inode_last_extent; + u64 len; + int ret; + + p = fs_path_alloc(); + if (!p) + return -ENOMEM; + ret = open_cur_inode_file(sctx); + if (ret < 0) + goto out; + memset(sctx->read_buf, 0, BTRFS_SEND_READ_SIZE); + while (offset < end) { + len = min_t(u64, end - offset, BTRFS_SEND_READ_SIZE); + + ret = begin_cmd(sctx, BTRFS_SEND_C_WRITE); + if (ret < 0) + break; + ret = get_cur_path(sctx, sctx->cur_ino, sctx->cur_inode_gen, p); + if (ret < 0) + break; + TL...