From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: tytso@mit.edu, darrick.wong@oracle.com
Cc: Sami Liedes <sami.liedes@iki.fi>, linux-ext4@vger.kernel.org
Subject: [PATCH 17/39] e2fsck: fix dangling pointer when dir_info array is resized
Date: Sat, 25 Oct 2014 13:58:12 -0700 [thread overview]
Message-ID: <20141025205812.532.67790.stgit@birch.djwong.org> (raw)
In-Reply-To: <20141025205623.532.12119.stgit@birch.djwong.org>
e2fsck uses an array to store directory usage information during pass
3; the usage context also contains a pointer to the last directory
looked up. When expanding the dir_info array, this cache pointer
needs to be cleared if the array resize changed the pointer location,
or else we'll later walk off the end of this dead pointer.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reported-by: Sami Liedes <sami.liedes@iki.fi>
---
e2fsck/dirinfo.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/e2fsck/dirinfo.c b/e2fsck/dirinfo.c
index 4a9019b..dab5a13 100644
--- a/e2fsck/dirinfo.c
+++ b/e2fsck/dirinfo.c
@@ -121,7 +121,7 @@ static void setup_db(e2fsck_t ctx)
void e2fsck_add_dir_info(e2fsck_t ctx, ext2_ino_t ino, ext2_ino_t parent)
{
struct dir_info_db *db;
- struct dir_info *dir, ent;
+ struct dir_info *dir, ent, *old_array;
int i, j;
errcode_t retval;
unsigned long old_size;
@@ -136,6 +136,7 @@ void e2fsck_add_dir_info(e2fsck_t ctx, ext2_ino_t ino, ext2_ino_t parent)
if (ctx->dir_info->count >= ctx->dir_info->size) {
old_size = ctx->dir_info->size * sizeof(struct dir_info);
ctx->dir_info->size += 10;
+ old_array = ctx->dir_info->array;
retval = ext2fs_resize_mem(old_size, ctx->dir_info->size *
sizeof(struct dir_info),
&ctx->dir_info->array);
@@ -147,6 +148,8 @@ void e2fsck_add_dir_info(e2fsck_t ctx, ext2_ino_t ino, ext2_ino_t parent)
ctx->dir_info->size -= 10;
return;
}
+ if (old_array != ctx->dir_info->array)
+ ctx->dir_info->last_lookup = NULL;
}
ent.ino = ino;
next prev parent reply other threads:[~2014-10-25 20:58 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-25 20:56 [PATCH 00/39] e2fsprogs October 2014 patchbomb, part 6.1 Darrick J. Wong
2014-10-25 20:56 ` [PATCH 01/39] misc: fix compiler warnings Darrick J. Wong
2014-11-04 16:36 ` Theodore Ts'o
2014-10-25 20:56 ` [PATCH 02/39] e2fuzz: exercise fuzzed blocks more aggressively Darrick J. Wong
2014-11-04 16:36 ` Theodore Ts'o
2014-10-25 20:56 ` [PATCH 03/39] libext2fs: directory iteration mustn't walk off the buffer end Darrick J. Wong
2014-11-04 16:37 ` Theodore Ts'o
2014-10-25 20:56 ` [PATCH 04/39] libext2fs: zero the EA block buffer before filling it Darrick J. Wong
2014-11-04 16:47 ` Theodore Ts'o
2014-10-25 20:56 ` [PATCH 05/39] libext2fs: don't memcpy identical pointers when writing a cache block Darrick J. Wong
2014-11-04 16:48 ` Theodore Ts'o
2014-10-25 20:57 ` [PATCH 06/39] misc: fix broken libmagic interaction with plausibility check Darrick J. Wong
2014-11-04 16:50 ` Theodore Ts'o
2014-10-25 20:57 ` [PATCH 07/39] tune2fs: speed up rewriting extent tree when enabling metadata_csum Darrick J. Wong
2014-11-04 16:52 ` Theodore Ts'o
2014-10-25 20:57 ` [PATCH 08/39] tune2fs: don't change metadata_csum on a mounted fs Darrick J. Wong
2014-11-04 16:52 ` Theodore Ts'o
2014-10-25 20:57 ` [PATCH 09/39] resize2fs: don't exit if shrinking sparse_super2 fs to one bg Darrick J. Wong
2014-10-25 20:57 ` [PATCH 10/39] resize2fs: quickly rewrite extent blocks when moving an inode w/ metadata_csum Darrick J. Wong
2014-10-25 20:57 ` [PATCH 11/39] resize2fs: use old_fs to detect per-bg metadata blocks to free Darrick J. Wong
2014-10-25 20:57 ` [PATCH 12/39] resize2fs: don't interpret bitmap shift while crossing flexbg as raid stride Darrick J. Wong
2014-10-25 20:57 ` [PATCH 13/39] resize2fs: set block_uninit in former last bg when expanding fs Darrick J. Wong
2014-10-27 23:29 ` [PATCH v2 13/39] resize2fs: set bg flags and unused inode count when resizing Darrick J. Wong
2014-10-25 20:57 ` [PATCH 14/39] mke2fs: don't zero inode table blocks that are already zeroed Darrick J. Wong
2014-10-25 20:57 ` [PATCH 15/39] dumpe2fs: 80 column outputs, please Darrick J. Wong
2014-10-25 20:58 ` [PATCH 16/39] dumpe2fs: output cleanup Darrick J. Wong
2014-10-25 20:58 ` Darrick J. Wong [this message]
2014-11-05 16:12 ` [PATCH 17/39] e2fsck: fix dangling pointer when dir_info array is resized Theodore Ts'o
2014-10-25 20:58 ` [PATCH 18/39] e2fsck: opportunistically recalculate unused inode count and inode_uninit after pass 5 Darrick J. Wong
2014-10-27 20:18 ` Darrick J. Wong
2014-10-25 20:58 ` [PATCH 19/39] e2fsck: opportunistically set block_uninit " Darrick J. Wong
2014-10-27 23:27 ` [PATCH 19/39] libext2fs: set BLOCK_UNINIT for non-last blockgroups if all blocks are free Darrick J. Wong
2014-10-25 20:58 ` [PATCH 20/39] libext2fs/e2fsck: provide routines to read-ahead metadata Darrick J. Wong
2014-10-25 20:58 ` [PATCH 21/39] e2fsck: read-ahead metadata during passes 1, 2, and 4 Darrick J. Wong
2014-10-25 20:58 ` [PATCH 22/39] libext2fs: ext2fs_new_block2() should call alloc_block hook Darrick J. Wong
2014-10-25 20:58 ` [PATCH 23/39] libext2fs: support BLKZEROOUT/FALLOC_FL_ZERO_RANGE in ext2fs_zero_blocks Darrick J. Wong
2014-10-25 20:58 ` [PATCH 24/39] libext2fs/e2fsck: refactor everyone who writes zero blocks to disk Darrick J. Wong
2014-10-25 20:59 ` [PATCH 25/39] libext2fs: support allocating uninit blocks in bmap2() Darrick J. Wong
2014-10-25 20:59 ` [PATCH 26/39] libext2fs: file IO routines should handle uninit blocks Darrick J. Wong
2014-10-25 20:59 ` [PATCH 27/39] resize2fs: convert fs to and from 64bit mode Darrick J. Wong
2014-10-25 20:59 ` [PATCH 28/39] tests: test resize2fs 32->64 and 64->32bit conversion code Darrick J. Wong
2014-10-25 20:59 ` [PATCH 29/39] libext2fs: find inode goal when allocating blocks Darrick J. Wong
2014-10-25 20:59 ` [PATCH 30/39] libext2fs: find/alloc a range of empty blocks Darrick J. Wong
2014-10-25 20:59 ` [PATCH 31/39] libext2fs: add new hooks to support large allocations Darrick J. Wong
2014-10-25 20:59 ` [PATCH 32/39] libext2fs: implement fallocate Darrick J. Wong
2014-10-25 20:59 ` [PATCH 33/39] libext2fs: use fallocate for creating journals and hugefiles Darrick J. Wong
2014-10-25 21:00 ` [PATCH 34/39] debugfs: implement fallocate Darrick J. Wong
2014-10-25 21:00 ` [PATCH 35/39] tests: test debugfs punch command Darrick J. Wong
2014-10-25 21:00 ` [PATCH 37/39] fuse2fs: translate ACL structures Darrick J. Wong
2014-10-25 21:00 ` [PATCH 38/39] fuse2fs: handle 64-bit dates correctly Darrick J. Wong
2014-10-25 21:00 ` [PATCH 39/39] fuse2fs: implement fallocate Darrick J. Wong
2014-10-27 23:31 ` [PATCH 40/39] e2fsck: fix reporting of unknown htree block inode number Darrick J. Wong
2014-11-05 16:11 ` Theodore Ts'o
2014-10-27 23:32 ` [PATCH 41/39] mke2fs: warn if enabling metadata_csum on a pre-3.18 kernel Darrick J. Wong
2014-11-05 16:20 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141025205812.532.67790.stgit@birch.djwong.org \
--to=darrick.wong@oracle.com \
--cc=linux-ext4@vger.kernel.org \
--cc=sami.liedes@iki.fi \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).