From: NeilBrown <neilb@suse.de>
Date: Fri, 4 Mar 2011 01:47:31 +0000 (+1100)
Subject: stateblock: fix range check on maxsnapshot
X-Git-Url: http://git.neil.brown.name/?a=commitdiff_plain;h=406956c0baac95ae27d49ec4ad1aa73b588771b6;p=LaFS.git

stateblock: fix range check on maxsnapshot

Signed-off-by: NeilBrown <neilb@suse.de>
---

diff --git a/super.c b/super.c
index 574952c..53ca542 100644
--- a/super.c
+++ b/super.c
@@ -199,9 +199,10 @@ valid_stateblock(struct lafs_state *st, struct lafs_dev *dv)
 
 	if (memcmp(st->uuid, dv->uuid, 16))
 		return 0;
-	/* FIXME cannot quite be that big! */
-	if (le32_to_cpu(st->maxsnapshot) > (1<<(dv->statebits-3)))
-		return 0;
+
+	if (sizeof(*st) + le32_to_cpu(st->maxsnapshot) * 8
+	    > (1<<dv->statebits))
+ 		return 0;
 
 	return 1;
 }