Two suggested change in temp buffer management: 1. When format disk before mounted, the buffer is not allocated and may return NULL buffer pointers. 2. The size of unmanaged buffer should use total_bytes_per_chunk, otherwise it will cause buffer overflow in inband tag mode.
diff --git a/yaffs_guts.c b/yaffs_guts.c
index c52ff84..94177df 100644
--- a/yaffs_guts.c
+++ b/yaffs_guts.c
@@ -147,7 +147,7 @@ u8 *yaffs_get_temp_buffer(struct yaffs_dev * dev)
 dev->max_temp = dev->temp_in_use;
 for (i = 0; i < YAFFS_N_TEMP_BUFFERS; i++) {
- if (dev->temp_buffer[i].in_use == 0) {
+ if (dev->temp_buffer[i].in_use == 0 && dev->temp_buffer[i].buffer) {
 dev->temp_buffer[i].in_use = 1;
 return dev->temp_buffer[i].buffer;
 }
@@ -160,7 +160,7 @@ u8 *yaffs_get_temp_buffer(struct yaffs_dev * dev)
 */
 dev->unmanaged_buffer_allocs++;
- return kmalloc(dev->data_bytes_per_chunk, GFP_NOFS);
+ return kmalloc(dev->param.total_bytes_per_chunk, GFP_NOFS);
 }
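Review bot: The added `&& dev->temp_buffer[i].buffer` guard skips an unallocated slot without any indication of why, so when no slot has a buffer (the format-before-mount case from the description) the call falls through to the unmanaged path below, where `dev->unmanaged_buffer_allocs++` counts it as an out-of-buffers event and `dev->temp_in_use`, presumably incremented above this hunk, stays bumped as for a managed buffer. That is the intended effect, but a reader of the loop cannot distinguish "slot never allocated" from "slot busy", so a one-line comment on the new condition would help: `/* buffer is NULL when the device is formatted before mount; fall through to kmalloc */`. If that pre-mount path is expected to run many times, the unmanaged-allocation counter will be inflated by it, which is worth a note in the commit description. yaffs_get_temp_buffer begins outside the hunk.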
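Review bot: The new `return kmalloc(dev->param.total_bytes_per_chunk, GFP_NOFS);` line still returns the allocation unchecked, and with the first hunk this path becomes the normal one whenever the managed slots are all NULL, so a NULL temp buffer is now reachable in routine use rather than only under memory pressure; every caller has to tolerate it. A comment on that line would make the contract visible: `/* May return NULL; this is the normal path before the managed buffers exist (e.g. format before mount). */`. It is also worth confirming that the managed buffers are allocated with the same `dev->param.total_bytes_per_chunk` size, so that both paths hand out identically sized buffers once inband tags are enabled. The enclosing function starts outside the hunk.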