reiserfs: add locking around error buffer

The formatting of the error buffer is race prone. It uses static buffers
for both formatting and output. While overwriting the error buffer
can product garbled output, overwriting the format buffer with incompatible
% directives can cause crashes.

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/fs/reiserfs/prints.c b/fs/reiserfs/prints.c
index b87b237..de71372 100644 (file)
--- a/fs/reiserfs/prints.c
+++ b/fs/reiserfs/prints.c
@@ -184,7 +184,7 @@ static char *is_there_reiserfs_struct(char *fmt, int *what)
    printk ("bad key %lu %lu %lu %lu", key->k_dir_id, key->k_objectid, 
            key->k_offset, key->k_uniqueness); 
 */
-
+static DEFINE_SPINLOCK(error_lock);
 static void prepare_error_buf(const char *fmt, va_list args)
 {
        char *fmt1 = fmt_buf;
@@ -192,6 +192,8 @@ static void prepare_error_buf(const char *fmt, va_list args)
        char *p = error_buf;
        int what;
 
+       spin_lock(&error_lock);
+
        strcpy(fmt1, fmt);
 
        while ((k = is_there_reiserfs_struct(fmt1, &what)) != NULL) {
@@ -237,6 +239,7 @@ static void prepare_error_buf(const char *fmt, va_list args)
                fmt1 = k + 2;
        }
        vsprintf(p, fmt1, args);
+       spin_unlock(&error_lock);
 
 }