From: Theodore Ts'o <tytso@mit.edu>
To: Ext4 Developers List <linux-ext4@vger.kernel.org>
Cc: Eric Sesterhenn <snakebyte@gmx.de>, Theodore Ts'o <tytso@mit.edu>
Subject: [PATCH] libext2fs: Add sanity checks to ext2fs_{block,inode}_alloc_stats
Date: Thu, 22 Jan 2009 16:33:03 -0500 [thread overview]
Message-ID: <1232659984-10183-3-git-send-email-tytso@mit.edu> (raw)
In-Reply-To: <1232659984-10183-2-git-send-email-tytso@mit.edu>
If ext2fs_inode_alloc_stats2() or ext2fs_block_alloc_stats() is passed
an insanely large inode or block number, it's possible for these
functions to overrun an array boundary and cause the calling program
to crash with a memory error.
Detect this case, and since these functions don't return an error
code, print a warning message, much like we do in ext2fs_warn_bitmap2().
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---
lib/ext2fs/alloc_stats.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/lib/ext2fs/alloc_stats.c b/lib/ext2fs/alloc_stats.c
index 97661dc..d523b43 100644
--- a/lib/ext2fs/alloc_stats.c
+++ b/lib/ext2fs/alloc_stats.c
@@ -20,6 +20,13 @@ void ext2fs_inode_alloc_stats2(ext2_filsys fs, ext2_ino_t ino,
{
int group = ext2fs_group_of_ino(fs, ino);
+#ifndef OMIT_COM_ERR
+ if (ino > fs->super->s_inodes_count) {
+ com_err("ext2fs_inode_alloc_stats2", 0,
+ "Illegal inode number: %lu", ino);
+ return;
+ }
+#endif
if (inuse > 0)
ext2fs_mark_inode_bitmap(fs->inode_map, ino);
else
@@ -58,6 +65,13 @@ void ext2fs_block_alloc_stats(ext2_filsys fs, blk_t blk, int inuse)
{
int group = ext2fs_group_of_blk(fs, blk);
+#ifndef OMIT_COM_ERR
+ if (blk >= fs->super->s_blocks_count) {
+ com_err("ext2fs_block_alloc_stats2", 0,
+ "Illegal block number: %lu", blk);
+ return;
+ }
+#endif
if (inuse > 0)
ext2fs_mark_block_bitmap(fs->block_map, blk);
else
--
1.6.0.4.8.g36f27.dirty
next prev parent reply other threads:[~2009-01-22 21:33 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-22 8:56 (unknown) Eric Sesterhenn
2009-01-22 11:12 ` e2fsck faults with corrupted images Eric Sesterhenn
2009-01-22 21:12 ` Theodore Tso
2009-01-22 21:32 ` [PATCH] e2fsck: Add superblock check to make sure s_first_ino is valid Theodore Ts'o
2009-01-22 21:32 ` [PATCH] ext2fs_new_inode(): Add sanity check to assure a valid inode number Theodore Ts'o
2009-01-22 21:32 ` [PATCH] libext2fs: Add sanity checks to ext2fs_{block,inode}_alloc_stats Theodore Ts'o
2009-01-22 21:32 ` [PATCH] e2fsck: Change PR_3_CREATE_LPF_ERROR to be a non-fatal problem Theodore Ts'o
2009-01-22 21:33 ` [PATCH] e2fsck: Add superblock check to make sure s_first_ino is valid Theodore Ts'o
2009-01-22 21:33 ` [PATCH] ext2fs_new_inode(): Add sanity check to assure a valid inode number Theodore Ts'o
2009-01-22 21:33 ` Theodore Ts'o [this message]
2009-01-22 21:33 ` [PATCH] e2fsck: Change PR_3_CREATE_LPF_ERROR to be a non-fatal problem Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1232659984-10183-3-git-send-email-tytso@mit.edu \
--to=tytso@mit.edu \
--cc=linux-ext4@vger.kernel.org \
--cc=snakebyte@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).