From: Dave Chinner <david@fromorbit.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: xfs@oss.sgi.com
Subject: Re: [PATCH] repair: validate acl count before reading it
Date: Wed, 16 Nov 2011 11:23:23 +1100 [thread overview]
Message-ID: <20111116002323.GW5534@dastard> (raw)
In-Reply-To: <20111115080714.GA24931@infradead.org>
On Tue, Nov 15, 2011 at 03:07:15AM -0500, Christoph Hellwig wrote:
> This prevents a segfault on a filesystem so badly corrupted by the RAID
> controller that it could be considered fuzzed.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
>
> Index: xfsprogs-dev/repair/attr_repair.c
> ===================================================================
> --- xfsprogs-dev.orig/repair/attr_repair.c 2011-11-14 20:03:27.000000000 +0000
> +++ xfsprogs-dev/repair/attr_repair.c 2011-11-14 20:20:55.000000000 +0000
> @@ -931,8 +931,8 @@ process_longform_attr(
> }
>
>
> -static xfs_acl_t *
> -xfs_acl_from_disk(xfs_acl_disk_t *dacl)
> +static int
> +xfs_acl_from_disk(struct xfs_acl **aclp, struct xfs_acl_disk *dacl)
> {
> int count;
> xfs_acl_t *acl;
> @@ -940,10 +940,22 @@ xfs_acl_from_disk(xfs_acl_disk_t *dacl)
> xfs_acl_entry_disk_t *dace, *end;
>
> count = be32_to_cpu(dacl->acl_cnt);
> + if (count > XFS_ACL_MAX_ENTRIES) {
> + do_warn(_("to larget ACL, size %d"), count);
"Too many ACL entries, count %d\n"
> + *aclp = NULL;
> + return EINVAL;
> + }
> +
> +
> end = &dacl->acl_entry[0] + count;
> acl = malloc((int)((char *)end - (char *)dacl));
> - if (!acl)
> - return NULL;
> + if (!acl) {
> + do_warn(_("cannot malloc enough for ACL attribute\n"));
> + do_warn(_("SKIPPING this ACL\n"));
Should you put that same "Skipping" message for all the error cases?
FWIW, should that status be stored somewhere so that when repair
completes it can emit a warning saying something like:
WARNING: ACLs were not correctly validated. You need to ensure ACLs are
consistently and appropriately applied to your filesytem.
Regardless, that can be done as a separate patch.
Reviewed-by: Dave Chinner <dchinner@redhat.com>
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2011-11-16 0:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-15 8:07 [PATCH] repair: validate acl count before reading it Christoph Hellwig
2011-11-16 0:23 ` Dave Chinner [this message]
2011-11-16 7:58 ` Christoph Hellwig
2012-01-27 19:54 ` Mark Tinguely
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111116002323.GW5534@dastard \
--to=david@fromorbit.com \
--cc=hch@infradead.org \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.