From: Eric Sandeen <sandeen@sandeen.net>
To: xfs@oss.sgi.com
Subject: Re: [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore
Date: Wed, 2 Dec 2015 22:54:19 -0600 [thread overview]
Message-ID: <565FCAFB.5020502@sandeen.net> (raw)
In-Reply-To: <1449055167-19936-6-git-send-email-t.vivek@samsung.com>
On 12/2/15 5:19 AM, Vivek Trivedi wrote:
> fix error reported by coverity - Integer overflowed argument
>
> also, add print incase of invalid read count to get more debug
> information.
>
> Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
> ---
> mdrestore/xfs_mdrestore.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/mdrestore/xfs_mdrestore.c b/mdrestore/xfs_mdrestore.c
> index 5764616..a87a091 100644
> --- a/mdrestore/xfs_mdrestore.c
> +++ b/mdrestore/xfs_mdrestore.c
> @@ -93,6 +93,10 @@ perform_restore(
> block_index = (__be64 *)((char *)metablock + sizeof(xfs_metablock_t));
> block_buffer = (char *)metablock + block_size;
>
> + if (block_size < sizeof(tmb))
> + fatal("bad read count, block_size: %d, tmb size %d\n",
> + block_size, sizeof(tmb));
> +
block_size is block_size = 1 << tmb.mb_blocklog; where mb_blocklog is
always metablock->mb_blocklog = BBSHIFT;, so block_size is always 512.
On the other hand, sizeof(tmb) is simply 8.
There seems to be no possible path for this to be a problem, so it hardly
seems worth the printf.
Would an ASSERT(block_size >= sizeof(tmb)) make coverity happy?
-Eric
> if (fread(block_index, block_size - sizeof(tmb), 1, src_f) != 1)
> fatal("error reading from file: %s\n", strerror(errno));
>
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2015-12-03 4:54 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-02 11:19 [PATCH 00/11] xfsprogs misc fixes Vivek Trivedi
2015-12-02 11:19 ` [PATCH 01/11] xfsprogs: xfs_io: fix a memory leak in imap_f Vivek Trivedi
2015-12-02 17:55 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 02/11] xfsprogs: fix integer overflow in xlog_find_verify_cycle Vivek Trivedi
2015-12-02 17:58 ` Eric Sandeen
2015-12-03 5:49 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 03/11] xfsprogs: mkfs: fix unintentional integer overflow Vivek Trivedi
2015-12-03 3:34 ` Eric Sandeen
2015-12-03 5:54 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 04/11] xfsprogs: xfsdb: remove unnessary checks in process_leaf_node_dir_v2_free Vivek Trivedi
2015-12-03 5:57 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore Vivek Trivedi
2015-12-03 4:54 ` Eric Sandeen [this message]
2015-12-03 5:59 ` Dave Chinner
2015-12-03 6:05 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 06/11] xfsprogs: xfs_db: check null derefernce after block_to_bt Vivek Trivedi
2015-12-03 5:43 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 07/11] xfsprogs: xfs_fsr: replace sprintf with snprintf to avoid buffer overflow Vivek Trivedi
2015-12-03 5:44 ` Eric Sandeen
2015-12-03 6:07 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 08/11] xfsprogs: xfs_repair: fix possible null dereference in build_ino_tree Vivek Trivedi
2015-12-03 6:19 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 09/11] xfsprogs: xfs_repair: fix possible null dereference in traverse_int_dir2block Vivek Trivedi
2015-12-03 5:51 ` Eric Sandeen
2015-12-03 6:22 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 10/11] xfsprogs: fix possible null pointer dereference in xfs_iformat_extents Vivek Trivedi
2015-12-03 6:31 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 11/11] xfsprogs: xfs_repair: fix possible null pointer dereference in mark_standalone_inodes Vivek Trivedi
2015-12-03 6:34 ` Dave Chinner
2015-12-02 15:10 ` [PATCH 00/11] xfsprogs misc fixes Eric Sandeen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=565FCAFB.5020502@sandeen.net \
--to=sandeen@sandeen.net \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.