From: Eric Sandeen <sandeen@sandeen.net>
To: xfs@oss.sgi.com
Subject: Re: [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore
Date: Wed, 2 Dec 2015 22:54:19 -0600 [thread overview]
Message-ID: <565FCAFB.5020502@sandeen.net> (raw)
In-Reply-To: <1449055167-19936-6-git-send-email-t.vivek@samsung.com>
On 12/2/15 5:19 AM, Vivek Trivedi wrote:
> fix error reported by coverity - Integer overflowed argument
>
> also, add print incase of invalid read count to get more debug
> information.
>
> Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
> ---
> mdrestore/xfs_mdrestore.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/mdrestore/xfs_mdrestore.c b/mdrestore/xfs_mdrestore.c
> index 5764616..a87a091 100644
> --- a/mdrestore/xfs_mdrestore.c
> +++ b/mdrestore/xfs_mdrestore.c
> @@ -93,6 +93,10 @@ perform_restore(
> block_index = (__be64 *)((char *)metablock + sizeof(xfs_metablock_t));
> block_buffer = (char *)metablock + block_size;
>
> + if (block_size < sizeof(tmb))
> + fatal("bad read count, block_size: %d, tmb size %d\n",
> + block_size, sizeof(tmb));
> +
block_size is block_size = 1 << tmb.mb_blocklog; where mb_blocklog is
always metablock->mb_blocklog = BBSHIFT;, so block_size is always 512.
On the other hand, sizeof(tmb) is simply 8.
There seems to be no possible path for this to be a problem, so it hardly
seems worth the printf.
Would an ASSERT(block_size >= sizeof(tmb)) make coverity happy?
-Eric
> if (fread(block_index, block_size - sizeof(tmb), 1, src_f) != 1)
> fatal("error reading from file: %s\n", strerror(errno));
>
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2015-12-03 4:54 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-02 11:19 [PATCH 00/11] xfsprogs misc fixes Vivek Trivedi
2015-12-02 11:19 ` [PATCH 01/11] xfsprogs: xfs_io: fix a memory leak in imap_f Vivek Trivedi
2015-12-02 17:55 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 02/11] xfsprogs: fix integer overflow in xlog_find_verify_cycle Vivek Trivedi
2015-12-02 17:58 ` Eric Sandeen
2015-12-03 5:49 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 03/11] xfsprogs: mkfs: fix unintentional integer overflow Vivek Trivedi
2015-12-03 3:34 ` Eric Sandeen
2015-12-03 5:54 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 04/11] xfsprogs: xfsdb: remove unnessary checks in process_leaf_node_dir_v2_free Vivek Trivedi
2015-12-03 5:57 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore Vivek Trivedi
2015-12-03 4:54 ` Eric Sandeen [this message]
2015-12-03 5:59 ` Dave Chinner
2015-12-03 6:05 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 06/11] xfsprogs: xfs_db: check null derefernce after block_to_bt Vivek Trivedi
2015-12-03 5:43 ` Eric Sandeen
2015-12-02 11:19 ` [PATCH 07/11] xfsprogs: xfs_fsr: replace sprintf with snprintf to avoid buffer overflow Vivek Trivedi
2015-12-03 5:44 ` Eric Sandeen
2015-12-03 6:07 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 08/11] xfsprogs: xfs_repair: fix possible null dereference in build_ino_tree Vivek Trivedi
2015-12-03 6:19 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 09/11] xfsprogs: xfs_repair: fix possible null dereference in traverse_int_dir2block Vivek Trivedi
2015-12-03 5:51 ` Eric Sandeen
2015-12-03 6:22 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 10/11] xfsprogs: fix possible null pointer dereference in xfs_iformat_extents Vivek Trivedi
2015-12-03 6:31 ` Dave Chinner
2015-12-02 11:19 ` [PATCH 11/11] xfsprogs: xfs_repair: fix possible null pointer dereference in mark_standalone_inodes Vivek Trivedi
2015-12-03 6:34 ` Dave Chinner
2015-12-02 15:10 ` [PATCH 00/11] xfsprogs misc fixes Eric Sandeen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=565FCAFB.5020502@sandeen.net \
--to=sandeen@sandeen.net \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox