From 1909fa3ca1ab3cdd476c7af1d07876cbca53d4e4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 28 May 2025 12:15:01 +0200 Subject: [PATCH] smbd: Simplify inotify_handler() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Now that we don't have to calculate "e2" anymore, we can simplify the loop walking the buffer. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15864 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Mon Jun 2 18:10:20 UTC 2025 on atb-devel-224 --- source3/smbd/notify_inotify.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/source3/smbd/notify_inotify.c b/source3/smbd/notify_inotify.c index d19b4a4cb65..4275b221440 100644 --- a/source3/smbd/notify_inotify.c +++ b/source3/smbd/notify_inotify.c @@ -423,14 +423,21 @@ static void inotify_handler(struct tevent_context *ev, struct tevent_fd *fde, e = (struct inotify_event *)buf; /* we can get more than one event in the buffer */ - while (e && (bufsize >= sizeof(*e))) { - struct inotify_event *e2 = NULL; - bufsize -= e->len + sizeof(*e); - if (bufsize >= sizeof(*e)) { - e2 = (struct inotify_event *)(e->len + sizeof(*e) + (char *)e); + while (bufsize >= sizeof(struct inotify_event)) { + size_t e_len = sizeof(struct inotify_event) + e->len; + + if ((e_len < sizeof(struct inotify_event)) || + (e_len > bufsize)) + { + DBG_ERR("Invalid data from inotify\n"); + TALLOC_FREE(fde); + return; } + inotify_dispatch(ev, in, e); - e = e2; + + e = (struct inotify_event *)((char *)e + e_len); + bufsize -= e_len; } } -- 2.47.2