Blame SOURCES/e2fsprogs-1.45.6-Add-checks-for-fs-blocksize-0-which-could-cause-some.patch

f239de
From 0111635ea5798f98665714e161c3c7746184a04b Mon Sep 17 00:00:00 2001
f239de
From: Theodore Ts'o <tytso@mit.edu>
f239de
Date: Tue, 23 Feb 2021 16:02:42 -0500
f239de
Subject: [PATCH 21/46] Add checks for fs->blocksize == 0 which could cause
f239de
 some crashes
f239de
Content-Type: text/plain
f239de
f239de
This should never happeb, but some checks is useful, and also fixes
f239de
some Coverity warnings.
f239de
f239de
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
f239de
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
f239de
---
f239de
 debugfs/do_journal.c      | 2 --
f239de
 lib/ext2fs/csum.c         | 3 +++
f239de
 lib/ext2fs/ext2_err.et.in | 3 +++
f239de
 lib/ext2fs/inode.c        | 4 ++++
f239de
 misc/e2image.c            | 5 +++--
f239de
 5 files changed, 13 insertions(+), 4 deletions(-)
f239de
f239de
diff --git a/debugfs/do_journal.c b/debugfs/do_journal.c
f239de
index 5091a530..8261fa95 100644
f239de
--- a/debugfs/do_journal.c
f239de
+++ b/debugfs/do_journal.c
f239de
@@ -528,8 +528,6 @@ static errcode_t journal_write(journal_t *journal,
f239de
 	}
f239de
 
f239de
 	err = journal_close_trans(&trans);
f239de
-	if (err)
f239de
-		goto error;
f239de
 error:
f239de
 	return err;
f239de
 }
f239de
diff --git a/lib/ext2fs/csum.c b/lib/ext2fs/csum.c
f239de
index 2151003b..28b3bb05 100644
f239de
--- a/lib/ext2fs/csum.c
f239de
+++ b/lib/ext2fs/csum.c
f239de
@@ -263,6 +263,9 @@ static errcode_t __get_dirent_tail(ext2_filsys fs,
f239de
 	errcode_t retval = 0;
f239de
 	__u16 (*translate)(__u16) = (need_swab ? disk_to_host16 : do_nothing16);
f239de
 
f239de
+	if (fs->blocksize < 1024)
f239de
+		return EXT2_FILSYS_CORRUPTED; /* Should never happen */
f239de
+
f239de
 	d = dirent;
f239de
 	top = EXT2_DIRENT_TAIL(dirent, fs->blocksize);
f239de
 
f239de
diff --git a/lib/ext2fs/ext2_err.et.in b/lib/ext2fs/ext2_err.et.in
f239de
index 0c76fee6..cf0e00ea 100644
f239de
--- a/lib/ext2fs/ext2_err.et.in
f239de
+++ b/lib/ext2fs/ext2_err.et.in
f239de
@@ -548,4 +548,7 @@ ec	EXT2_ET_EA_INODE_CORRUPTED,
f239de
 ec	EXT2_ET_NO_GDESC,
f239de
 	"Group descriptors not loaded"
f239de
 
f239de
+ec	EXT2_FILSYS_CORRUPTED,
f239de
+	"The internal ext2_filsys data structure appears to be corrupted"
f239de
+
f239de
 	end
f239de
diff --git a/lib/ext2fs/inode.c b/lib/ext2fs/inode.c
f239de
index c4377eeb..6f42882e 100644
f239de
--- a/lib/ext2fs/inode.c
f239de
+++ b/lib/ext2fs/inode.c
f239de
@@ -144,6 +144,8 @@ errcode_t ext2fs_open_inode_scan(ext2_filsys fs, int buffer_blocks,
f239de
 	errcode_t (*save_get_blocks)(ext2_filsys f, ext2_ino_t ino, blk_t *blocks);
f239de
 
f239de
 	EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
f239de
+	if (fs->blocksize < 1024)
f239de
+		return EXT2_FILSYS_CORRUPTED; /* Should never happen */
f239de
 
f239de
 	/*
f239de
 	 * If fs->badblocks isn't set, then set it --- since the inode
f239de
@@ -764,6 +766,8 @@ errcode_t ext2fs_read_inode2(ext2_filsys fs, ext2_ino_t ino,
f239de
 	int		cache_slot, fail_csum;
f239de
 
f239de
 	EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
f239de
+	if (fs->blocksize < 1024)
f239de
+		return EXT2_FILSYS_CORRUPTED; /* Should never happen */
f239de
 
f239de
 	/* Check to see if user has an override function */
f239de
 	if (fs->read_inode &&
f239de
diff --git a/misc/e2image.c b/misc/e2image.c
f239de
index 892c5371..195fabb2 100644
f239de
--- a/misc/e2image.c
f239de
+++ b/misc/e2image.c
f239de
@@ -892,8 +892,9 @@ static errcode_t initialize_qcow2_image(int fd, ext2_filsys fs,
f239de
 	int cluster_bits = get_bits_from_size(fs->blocksize);
f239de
 	struct ext2_super_block *sb = fs->super;
f239de
 
f239de
-	if (fs->blocksize < 1024)
f239de
-		return EINVAL;	/* Can never happen, but just in case... */
f239de
+	/* Sbould never happen, but just in case... */
f239de
+	if (cluster_bits < 0)
f239de
+		return EXT2_FILSYS_CORRUPTED;
f239de
 
f239de
 	/* Allocate header */
f239de
 	ret = ext2fs_get_memzero(sizeof(struct ext2_qcow2_hdr), &header);
f239de
-- 
f239de
2.35.1
f239de