[PATCH] address hfs on-disk corruption robustness review comments

[PATCH] address hfs on-disk corruption robustness review comments

[Eric Sandeen]

Address Roman's review comments for the previously sent on-disk
corruption hfs robustness patch.

I still owe a patch for hfsplus.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>

---



Index: linux-2.6.24-rc6-mm1/fs/hfs/bfind.c
===================================================================
--- linux-2.6.24-rc6-mm1.orig/fs/hfs/bfind.c
+++ linux-2.6.24-rc6-mm1/fs/hfs/bfind.c
@@ -52,9 +52,9 @@ int __hfs_brec_find(struct hfs_bnode *bn
 		rec = (e + b) / 2;
 		len = hfs_brec_lenoff(bnode, rec, &off);
 		keylen = hfs_brec_keylen(bnode, rec);
-		if (keylen == HFS_BAD_KEYLEN) {
+		if (keylen == 0) {
 			res = -EINVAL;
-			goto done;
+			goto fail;
 		}
 		hfs_bnode_read(bnode, fd->key, off, keylen);
 		cmpval = bnode->tree->keycmp(fd->key, fd->search_key);
@@ -71,9 +71,9 @@ int __hfs_brec_find(struct hfs_bnode *bn
 	if (rec != e && e >= 0) {
 		len = hfs_brec_lenoff(bnode, e, &off);
 		keylen = hfs_brec_keylen(bnode, e);
-		if (keylen == HFS_BAD_KEYLEN) {
+		if (keylen == 0) {
 			res = -EINVAL;
-			goto done;
+			goto fail;
 		}
 		hfs_bnode_read(bnode, fd->key, off, keylen);
 	}
@@ -83,6 +83,7 @@ done:
 	fd->keylength = keylen;
 	fd->entryoffset = off + keylen;
 	fd->entrylength = len - keylen;
+fail:
 	return res;
 }
 
@@ -206,7 +207,7 @@ int hfs_brec_goto(struct hfs_find_data *
 
 	len = hfs_brec_lenoff(bnode, fd->record, &off);
 	keylen = hfs_brec_keylen(bnode, fd->record);
-	if (keylen == HFS_BAD_KEYLEN) {
+	if (keylen == 0) {
 		res = -EINVAL;
 		goto out;
 	}
Index: linux-2.6.24-rc6-mm1/fs/hfs/brec.c
===================================================================
--- linux-2.6.24-rc6-mm1.orig/fs/hfs/brec.c
+++ linux-2.6.24-rc6-mm1/fs/hfs/brec.c
@@ -49,14 +49,14 @@ u16 hfs_brec_keylen(struct hfs_bnode *no
 			if (retval > node->tree->max_key_len + 2) {
 				printk(KERN_ERR "hfs: keylen %d too large\n",
 					retval);
-				retval = HFS_BAD_KEYLEN;
+				retval = 0;
 			}
 		} else {
 			retval = (hfs_bnode_read_u8(node, recoff) | 1) + 1;
 			if (retval > node->tree->max_key_len + 1) {
 				printk(KERN_ERR "hfs: keylen %d too large\n",
 					retval);
-				retval = HFS_BAD_KEYLEN;
+				retval = 0;
 			}
 		}
 	}
Index: linux-2.6.24-rc6-mm1/fs/hfs/btree.c
===================================================================
--- linux-2.6.24-rc6-mm1.orig/fs/hfs/btree.c
+++ linux-2.6.24-rc6-mm1/fs/hfs/btree.c
@@ -81,15 +81,23 @@ struct hfs_btree *hfs_btree_open(struct 
 		goto fail_page;
 	if (!tree->node_count)
 		goto fail_page;
-	if ((id == HFS_EXT_CNID) && (tree->max_key_len != HFS_MAX_EXT_KEYLEN)) {
-		printk(KERN_ERR "hfs: invalid extent max_key_len %d\n",
-			tree->max_key_len);
-		goto fail_page;
-	}
-	if ((id == HFS_CAT_CNID) && (tree->max_key_len != HFS_MAX_CAT_KEYLEN)) {
-		printk(KERN_ERR "hfs: invalid catalog max_key_len %d\n",
-			tree->max_key_len);
-		goto fail_page;
+	switch(id) {
+	case HFS_EXT_CNID:
+		if (tree->max_key_len != HFS_MAX_EXT_KEYLEN) {
+			printk(KERN_ERR "hfs: invalid extent max_key_len %d\n",
+				tree->max_key_len);
+			goto fail_page;
+		}
+		break;
+	case HFS_CAT_CNID:
+		if (tree->max_key_len != HFS_MAX_CAT_KEYLEN) {
+			printk(KERN_ERR "hfs: invalid catalog max_key_len %d\n",
+				tree->max_key_len);
+			goto fail_page;
+		}
+		break;
+	default:
+		BUG();
 	}
 
 	tree->node_size_shift = ffs(size) - 1;
Index: linux-2.6.24-rc6-mm1/fs/hfs/hfs.h
===================================================================
--- linux-2.6.24-rc6-mm1.orig/fs/hfs/hfs.h
+++ linux-2.6.24-rc6-mm1/fs/hfs/hfs.h
@@ -28,8 +28,6 @@
 #define HFS_MAX_NAMELEN		128
 #define HFS_MAX_VALENCE		32767U
 
-#define HFS_BAD_KEYLEN		0xFF
-
 /* Meanings of the drAtrb field of the MDB,
  * Reference: _Inside Macintosh: Files_ p. 2-61
  */

[PATCH] hfs: fix coverity-found null deref

[Eric Sandeen]

Fix potential null deref introduced by commit
cf0594625083111ae522496dc1c256f7476939c2
http://bugzilla.kernel.org/show_bug.cgi?id=9748

Signed-off-by: Eric Sandeen <sandeen@redhat.com>

---

Index: linux-2.6.24-rc6-mm1/fs/hfs/btree.c
===================================================================
--- linux-2.6.24-rc6-mm1.orig/fs/hfs/btree.c
+++ linux-2.6.24-rc6-mm1/fs/hfs/btree.c
@@ -61,7 +61,7 @@ struct hfs_btree *hfs_btree_open(struct 
 	mapping = tree->inode->i_mapping;
 	page = read_mapping_page(mapping, 0, NULL);
 	if (IS_ERR(page))
-		goto free_tree;
+		goto free_inode;
 
 	/* Load the header */
 	head = (struct hfs_btree_header_rec *)(kmap(page) + sizeof(struct hfs_bnode_desc));
@@ -107,11 +107,12 @@ struct hfs_btree *hfs_btree_open(struct 
 	page_cache_release(page);
 	return tree;
 
- fail_page:
+fail_page:
 	page_cache_release(page);
- free_tree:
+free_inode:
 	tree->inode->i_mapping->a_ops = &hfs_aops;
 	iput(tree->inode);
+free_tree:
 	kfree(tree);
 	return NULL;
 }

Re: [PATCH] address hfs on-disk corruption robustness review comments

[Andrew Morton]

On Mon, 14 Jan 2008 15:15:04 -0600
Eric Sandeen <sandeen@redhat.com> wrote:

> Address Roman's review comments for the previously sent on-disk
> corruption hfs robustness patch.
> 
> I still owe a patch for hfsplus.
> 
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>

That isn't a changlog.  Please send a description of this patch?

Re: [PATCH] address hfs on-disk corruption robustness review comments

[Eric Sandeen]

Andrew Morton wrote:
> On Mon, 14 Jan 2008 15:15:04 -0600
> Eric Sandeen <sandeen@redhat.com> wrote:
> 
>> Address Roman's review comments for the previously sent on-disk
>> corruption hfs robustness patch.
>>
>> I still owe a patch for hfsplus.
>>
>> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> 
> That isn't a changlog.  Please send a description of this patch?

Follows.

-----------

Per maintainer's request, use 0 as a failure value, rather than
making a new macro HFS_BAD_KEYLEN, and use a switch statement
instead of if's.

Add new fail: target to __hfs_brec_find to skip assignments using
bad values when exiting with a failure.

-----------

Sorry 'bout that.

-Eric