* [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents
@ 2014-04-13 15:35 Dmitry Monakhov
2014-04-13 15:36 ` [PATCH 2/3] ext4: always check ext4_ext_find_extent result Dmitry Monakhov
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Dmitry Monakhov @ 2014-04-13 15:35 UTC (permalink / raw)
To: linux-ext4; +Cc: tytso, Dmitry Monakhov
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
---
fs/ext4/extents.c | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 96e0a4b..38be063 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -5314,11 +5314,18 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle,
* enough to accomodate the shift.
*/
path = ext4_ext_find_extent(inode, start - 1, NULL, 0);
+ if (IS_ERR(path))
+ return PTR_ERR(path);
depth = path->p_depth;
extent = path[depth].p_ext;
- ex_start = le32_to_cpu(extent->ee_block);
- ex_end = le32_to_cpu(extent->ee_block) +
+ if (extent) {
+ ex_start = le32_to_cpu(extent->ee_block);
+ ex_end = le32_to_cpu(extent->ee_block) +
ext4_ext_get_actual_len(extent);
+ } else {
+ ex_start = 0;
+ ex_end = 0;
+ }
ext4_ext_drop_refs(path);
kfree(path);
--
1.7.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/3] ext4: always check ext4_ext_find_extent result
2014-04-13 15:35 [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Dmitry Monakhov
@ 2014-04-13 15:36 ` Dmitry Monakhov
2014-04-13 22:06 ` Theodore Ts'o
2014-04-13 15:36 ` [PATCH 3/3] ext4: remove obsoleted check Dmitry Monakhov
2014-04-13 19:10 ` [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Theodore Ts'o
2 siblings, 1 reply; 6+ messages in thread
From: Dmitry Monakhov @ 2014-04-13 15:36 UTC (permalink / raw)
To: linux-ext4; +Cc: tytso, Dmitry Monakhov
Where are some places where logic guaranties us that extent we are
searching exits, but this may not be true due to on-disk data
corruption. If such corruption happens we must prevent possible
null pointer dereferences.
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
---
fs/ext4/extents.c | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 38be063..f20effb 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -3313,6 +3313,10 @@ static int ext4_split_extent(handle_t *handle,
return PTR_ERR(path);
depth = ext_depth(inode);
ex = path[depth].p_ext;
+ if (!ex) {
+ EXT4_ERROR_INODE(inode, "unexpected hole at %lu", map->m_lblk);
+ return -EIO;
+ }
uninitialized = ext4_ext_is_uninitialized(ex);
split_flag1 = 0;
@@ -3694,6 +3698,12 @@ static int ext4_convert_initialized_extents(handle_t *handle,
}
depth = ext_depth(inode);
ex = path[depth].p_ext;
+ if (!ex) {
+ EXT4_ERROR_INODE(inode, "unexpected hole at %lu",
+ map->m_lblk);
+ err = -EIO;
+ goto out;
+ }
}
err = ext4_ext_get_access(handle, inode, path + depth);
@@ -5340,6 +5350,12 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle,
return PTR_ERR(path);
depth = path->p_depth;
extent = path[depth].p_ext;
+ if (!extent) {
+ EXT4_ERROR_INODE(inode, "unexpected hole at %lu",
+ start);
+ return -EIO;
+ }
+
current_block = le32_to_cpu(extent->ee_block);
if (start > current_block) {
/* Hole, move to the next extent */
--
1.7.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 3/3] ext4: remove obsoleted check
2014-04-13 15:35 [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Dmitry Monakhov
2014-04-13 15:36 ` [PATCH 2/3] ext4: always check ext4_ext_find_extent result Dmitry Monakhov
@ 2014-04-13 15:36 ` Dmitry Monakhov
2014-04-13 22:13 ` Theodore Ts'o
2014-04-13 19:10 ` [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Theodore Ts'o
2 siblings, 1 reply; 6+ messages in thread
From: Dmitry Monakhov @ 2014-04-13 15:36 UTC (permalink / raw)
To: linux-ext4; +Cc: tytso, Dmitry Monakhov
BH can not be NULL at this point, ext4_read_dirblock() always return
non null value, and we already have done all necessery checks.
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
---
fs/ext4/namei.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 1cb84f7..a683f95 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2510,8 +2510,7 @@ static int empty_dir(struct inode *inode)
ext4_rec_len_from_disk(de1->rec_len, sb->s_blocksize);
de = ext4_next_entry(de1, sb->s_blocksize);
while (offset < inode->i_size) {
- if (!bh ||
- (void *) de >= (void *) (bh->b_data+sb->s_blocksize)) {
+ if ((void *) de >= (void *) (bh->b_data+sb->s_blocksize)) {
unsigned int lblock;
err = 0;
brelse(bh);
--
1.7.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents
2014-04-13 15:35 [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Dmitry Monakhov
2014-04-13 15:36 ` [PATCH 2/3] ext4: always check ext4_ext_find_extent result Dmitry Monakhov
2014-04-13 15:36 ` [PATCH 3/3] ext4: remove obsoleted check Dmitry Monakhov
@ 2014-04-13 19:10 ` Theodore Ts'o
2 siblings, 0 replies; 6+ messages in thread
From: Theodore Ts'o @ 2014-04-13 19:10 UTC (permalink / raw)
To: Dmitry Monakhov; +Cc: linux-ext4
On Sun, Apr 13, 2014 at 07:35:59PM +0400, Dmitry Monakhov wrote:
>
> Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Thanks, applied (and will be pushed as part of bug fixes for 3.15).
- Ted
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 2/3] ext4: always check ext4_ext_find_extent result
2014-04-13 15:36 ` [PATCH 2/3] ext4: always check ext4_ext_find_extent result Dmitry Monakhov
@ 2014-04-13 22:06 ` Theodore Ts'o
0 siblings, 0 replies; 6+ messages in thread
From: Theodore Ts'o @ 2014-04-13 22:06 UTC (permalink / raw)
To: Dmitry Monakhov; +Cc: linux-ext4
On Sun, Apr 13, 2014 at 07:36:00PM +0400, Dmitry Monakhov wrote:
> Where are some places where logic guaranties us that extent we are
> searching exits, but this may not be true due to on-disk data
> corruption. If such corruption happens we must prevent possible
> null pointer dereferences.
>
> Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Thanks, applied.
- Ted
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 3/3] ext4: remove obsoleted check
2014-04-13 15:36 ` [PATCH 3/3] ext4: remove obsoleted check Dmitry Monakhov
@ 2014-04-13 22:13 ` Theodore Ts'o
0 siblings, 0 replies; 6+ messages in thread
From: Theodore Ts'o @ 2014-04-13 22:13 UTC (permalink / raw)
To: Dmitry Monakhov; +Cc: linux-ext4
On Sun, Apr 13, 2014 at 07:36:01PM +0400, Dmitry Monakhov wrote:
> BH can not be NULL at this point, ext4_read_dirblock() always return
> non null value, and we already have done all necessery checks.
>
> Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Thanks, queued for the next merge window (since it's not a bug fix,
but just a clean up).
- Ted
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-04-13 22:13 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-04-13 15:35 [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Dmitry Monakhov
2014-04-13 15:36 ` [PATCH 2/3] ext4: always check ext4_ext_find_extent result Dmitry Monakhov
2014-04-13 22:06 ` Theodore Ts'o
2014-04-13 15:36 ` [PATCH 3/3] ext4: remove obsoleted check Dmitry Monakhov
2014-04-13 22:13 ` Theodore Ts'o
2014-04-13 19:10 ` [PATCH 1/3] ext4: Fix error handling in ext4_ext_shift_extents Theodore Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).