|
|
f239de |
From 0111635ea5798f98665714e161c3c7746184a04b Mon Sep 17 00:00:00 2001
|
|
|
f239de |
From: Theodore Ts'o <tytso@mit.edu>
|
|
|
f239de |
Date: Tue, 23 Feb 2021 16:02:42 -0500
|
|
|
f239de |
Subject: [PATCH 21/46] Add checks for fs->blocksize == 0 which could cause
|
|
|
f239de |
some crashes
|
|
|
f239de |
Content-Type: text/plain
|
|
|
f239de |
|
|
|
f239de |
This should never happeb, but some checks is useful, and also fixes
|
|
|
f239de |
some Coverity warnings.
|
|
|
f239de |
|
|
|
f239de |
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
|
|
|
f239de |
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
|
|
|
f239de |
---
|
|
|
f239de |
debugfs/do_journal.c | 2 --
|
|
|
f239de |
lib/ext2fs/csum.c | 3 +++
|
|
|
f239de |
lib/ext2fs/ext2_err.et.in | 3 +++
|
|
|
f239de |
lib/ext2fs/inode.c | 4 ++++
|
|
|
f239de |
misc/e2image.c | 5 +++--
|
|
|
f239de |
5 files changed, 13 insertions(+), 4 deletions(-)
|
|
|
f239de |
|
|
|
f239de |
diff --git a/debugfs/do_journal.c b/debugfs/do_journal.c
|
|
|
f239de |
index 5091a530..8261fa95 100644
|
|
|
f239de |
--- a/debugfs/do_journal.c
|
|
|
f239de |
+++ b/debugfs/do_journal.c
|
|
|
f239de |
@@ -528,8 +528,6 @@ static errcode_t journal_write(journal_t *journal,
|
|
|
f239de |
}
|
|
|
f239de |
|
|
|
f239de |
err = journal_close_trans(&trans);
|
|
|
f239de |
- if (err)
|
|
|
f239de |
- goto error;
|
|
|
f239de |
error:
|
|
|
f239de |
return err;
|
|
|
f239de |
}
|
|
|
f239de |
diff --git a/lib/ext2fs/csum.c b/lib/ext2fs/csum.c
|
|
|
f239de |
index 2151003b..28b3bb05 100644
|
|
|
f239de |
--- a/lib/ext2fs/csum.c
|
|
|
f239de |
+++ b/lib/ext2fs/csum.c
|
|
|
f239de |
@@ -263,6 +263,9 @@ static errcode_t __get_dirent_tail(ext2_filsys fs,
|
|
|
f239de |
errcode_t retval = 0;
|
|
|
f239de |
__u16 (*translate)(__u16) = (need_swab ? disk_to_host16 : do_nothing16);
|
|
|
f239de |
|
|
|
f239de |
+ if (fs->blocksize < 1024)
|
|
|
f239de |
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
|
|
|
f239de |
+
|
|
|
f239de |
d = dirent;
|
|
|
f239de |
top = EXT2_DIRENT_TAIL(dirent, fs->blocksize);
|
|
|
f239de |
|
|
|
f239de |
diff --git a/lib/ext2fs/ext2_err.et.in b/lib/ext2fs/ext2_err.et.in
|
|
|
f239de |
index 0c76fee6..cf0e00ea 100644
|
|
|
f239de |
--- a/lib/ext2fs/ext2_err.et.in
|
|
|
f239de |
+++ b/lib/ext2fs/ext2_err.et.in
|
|
|
f239de |
@@ -548,4 +548,7 @@ ec EXT2_ET_EA_INODE_CORRUPTED,
|
|
|
f239de |
ec EXT2_ET_NO_GDESC,
|
|
|
f239de |
"Group descriptors not loaded"
|
|
|
f239de |
|
|
|
f239de |
+ec EXT2_FILSYS_CORRUPTED,
|
|
|
f239de |
+ "The internal ext2_filsys data structure appears to be corrupted"
|
|
|
f239de |
+
|
|
|
f239de |
end
|
|
|
f239de |
diff --git a/lib/ext2fs/inode.c b/lib/ext2fs/inode.c
|
|
|
f239de |
index c4377eeb..6f42882e 100644
|
|
|
f239de |
--- a/lib/ext2fs/inode.c
|
|
|
f239de |
+++ b/lib/ext2fs/inode.c
|
|
|
f239de |
@@ -144,6 +144,8 @@ errcode_t ext2fs_open_inode_scan(ext2_filsys fs, int buffer_blocks,
|
|
|
f239de |
errcode_t (*save_get_blocks)(ext2_filsys f, ext2_ino_t ino, blk_t *blocks);
|
|
|
f239de |
|
|
|
f239de |
EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
|
|
|
f239de |
+ if (fs->blocksize < 1024)
|
|
|
f239de |
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
|
|
|
f239de |
|
|
|
f239de |
/*
|
|
|
f239de |
* If fs->badblocks isn't set, then set it --- since the inode
|
|
|
f239de |
@@ -764,6 +766,8 @@ errcode_t ext2fs_read_inode2(ext2_filsys fs, ext2_ino_t ino,
|
|
|
f239de |
int cache_slot, fail_csum;
|
|
|
f239de |
|
|
|
f239de |
EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
|
|
|
f239de |
+ if (fs->blocksize < 1024)
|
|
|
f239de |
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
|
|
|
f239de |
|
|
|
f239de |
/* Check to see if user has an override function */
|
|
|
f239de |
if (fs->read_inode &&
|
|
|
f239de |
diff --git a/misc/e2image.c b/misc/e2image.c
|
|
|
f239de |
index 892c5371..195fabb2 100644
|
|
|
f239de |
--- a/misc/e2image.c
|
|
|
f239de |
+++ b/misc/e2image.c
|
|
|
f239de |
@@ -892,8 +892,9 @@ static errcode_t initialize_qcow2_image(int fd, ext2_filsys fs,
|
|
|
f239de |
int cluster_bits = get_bits_from_size(fs->blocksize);
|
|
|
f239de |
struct ext2_super_block *sb = fs->super;
|
|
|
f239de |
|
|
|
f239de |
- if (fs->blocksize < 1024)
|
|
|
f239de |
- return EINVAL; /* Can never happen, but just in case... */
|
|
|
f239de |
+ /* Sbould never happen, but just in case... */
|
|
|
f239de |
+ if (cluster_bits < 0)
|
|
|
f239de |
+ return EXT2_FILSYS_CORRUPTED;
|
|
|
f239de |
|
|
|
f239de |
/* Allocate header */
|
|
|
f239de |
ret = ext2fs_get_memzero(sizeof(struct ext2_qcow2_hdr), &header);
|
|
|
f239de |
--
|
|
|
f239de |
2.35.1
|
|
|
f239de |
|