From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: tytso@mit.edu, darrick.wong@oracle.com
Cc: linux-ext4@vger.kernel.org
Subject: [PATCH 20/24] e2fsck: pass2 should not process directory blocks that are impossibly large
Date: Fri, 18 Jul 2014 15:54:46 -0700
Message-ID: <20140718225446.31374.67903.stgit@birch.djwong.org>
In-Reply-To: <20140718225200.31374.85411.stgit@birch.djwong.org>
Currently, directories cannot be fallocated, which means that the only
way they get bigger is for the kernel to append blocks one by one.
Therefore, if we encounter a logical block offset that is too big, we
needn't bother adding it to the dblist for pass2 processing, because
it's unlikely to contain a valid directory block. The code that
handles extent based directories also does not add toobig blocks to
the dblist.

Note that we can easily cause e2fsck to fail with ENOMEM if we start
feeding it really large logical block offsets, as the dblist
implementation will try to realloc() an array big enough to hold it.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
---
e2fsck/pass1.c | 11 +++++++++++
tests/f_hugedir_blocks/expect.1 | 10 ++++++++++
tests/f_hugedir_blocks/expect.2 | 7 +++++++
tests/f_hugedir_blocks/image.gz | Bin
tests/f_hugedir_blocks/name | 1 +
5 files changed, 29 insertions(+)
create mode 100644 tests/f_hugedir_blocks/expect.1
create mode 100644 tests/f_hugedir_blocks/expect.2
create mode 100644 tests/f_hugedir_blocks/image.gz
create mode 100644 tests/f_hugedir_blocks/name
diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c
index 7a16780..b478bca 100644
--- a/e2fsck/pass1.c
+++ b/e2fsck/pass1.c
@@ -2758,6 +2758,17 @@ static int process_block(ext2_filsys fs,
blk = *block_nr = 0;
ret_code = BLOCK_CHANGED;
p->inode_modified = 1;
+ /*
+ * If the directory block is too big and is beyond the
+ * end of the FS, don't bother trying to add it for
+ * processing -- the kernel would never have created a
+ * directory this large, and we risk an ENOMEM abort.
+ * In any case, the toobig handler for extent-based
+ * directories also doesn't feed toobig blocks to
+ * pass 2.
+ */
+ if (problem == PR_1_TOOBIG_DIR)
+ return ret_code;
goto mark_dir;
} else
return 0;
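Review bot: the comment above `if (problem == PR_1_TOOBIG_DIR)` says the block "is too big and is beyond the end of the FS", but the condition tests only the problem code, so the two do not describe the same case. Either reword the comment to match what is checked or add the second condition it mentions. The early `return ret_code` also bypasses everything under the `mark_dir` label, not only the dblist add, so the comment should say that skipping the rest of that path is intended. Since the commit message ties the reasoning to directories "currently" not being fallocate-able, it would help to record that assumption in the comment as well, so the check is revisited if that changes.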
diff --git a/tests/f_hugedir_blocks/expect.1 b/tests/f_hugedir_blocks/expect.1
new file mode 100644
index 0000000..798a7ac
--- /dev/null
+++ b/tests/f_hugedir_blocks/expect.1
@@ -0,0 +1,10 @@
+Pass 1: Checking inodes, blocks, and sizes
+Inode 12 is too big. Truncate? yes
+
+Block #1074791435 (13) causes directory to be too big. CLEARED.
+Pass 2: Checking directory structure
+Pass 3: Checking directory connectivity
+Pass 4: Checking reference counts
+Pass 5: Checking group summary information
+test_filesys: 12/128 files (8.3% non-contiguous), 22/512 blocks
+Exit status is 0
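Review bot: expect.1 records two accepted fixes in pass 1 ("Truncate? yes" and "CLEARED.") yet ends with "Exit status is 0" and the same summary line as expect.2, with no indication that the filesystem was modified. e2fsck documents exit status 0 as "no errors" and 1 as "errors corrected", so please confirm this output was captured from a real run with the patch applied and explain in the commit message why a repairing run exits 0 here, or regenerate the file.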
diff --git a/tests/f_hugedir_blocks/expect.2 b/tests/f_hugedir_blocks/expect.2
new file mode 100644
index 0000000..ac5f4c1
--- /dev/null
+++ b/tests/f_hugedir_blocks/expect.2
@@ -0,0 +1,7 @@
+Pass 1: Checking inodes, blocks, and sizes
+Pass 2: Checking directory structure
+Pass 3: Checking directory connectivity
+Pass 4: Checking reference counts
+Pass 5: Checking group summary information
+test_filesys: 12/128 files (8.3% non-contiguous), 22/512 blocks
+Exit status is 0
diff --git a/tests/f_hugedir_blocks/image.gz b/tests/f_hugedir_blocks/image.gz
new file mode 100644
index 0000000000000000000000000000000000000000..1d54de806e596575a2a081931c587d77a695b79d
GIT binary patch
literal 2497
literal 0
HcmV?d00001
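Review bot: image.gz is an opaque binary and neither the commit message nor the test's name file says how it was built. expect.1 shows the interesting state is inode 12 with block 13 mapped at logical offset 1074791435; a sentence in the commit message describing how that mapping was created would let the image be regenerated and reviewed.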
diff --git a/tests/f_hugedir_blocks/name b/tests/f_hugedir_blocks/name
new file mode 100644
index 0000000..d74761b
--- /dev/null
+++ b/tests/f_hugedir_blocks/name
@@ -0,0 +1 @@
+crash e2fsck with a dir with an impossibly high logical blk offset