Changes since last update:

- fix incorrect dropping of error code from bmap
 - print buffer offsets instead of useless hashed pointers when dumping
   corrupt metadata
 - fix integer overflow in attribute verifier
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEUzaAxoMeQq6m2jMV+H93GTRKtOsFAlvhuOAACgkQ+H93GTRK
 tOsgUg/9Edx3hs+s+T34PKcfLS2j1p3ao+dNnLPwCvGid5dZOF4YeoB4ojPrrxG4
 CW2VvpHtvg8FX1wIShuVFwjvuwzp/EJWBbIiwD7yPPVgYrofmrI1W/b6yRYhxnFt
 ek9wf+nAcStEEIfzJcsJHNfbJqB0ZWN4icILwcFglYuWN3M0WW9HsqwAtuJaKmWw
 8w8irVMHTdfhhJp14hG2nvTm/HKcyGDlbq9mQGmOm0uCcVf0mrrMPF/B9of3k/s5
 eDyDfn5bF+640xmkpVIe4u6LZa7NnpeJWvJq9P7gIr+Tz6MZv2jDejX6YyOAsdl/
 v9FgNl8Wl6otw4VMfAoZodq9khgrsWYLpsu210+YsEzdWq4FsFVJcNBmX86d/xtt
 Uuc84bNAea/EBtVoSk81+clmqb2h078te7OramgxwdagSlYo5aergWSDWv8EMKkb
 lXvnbf9xVbauJBy6orpEdVjnDNM248KWbjA9xO6S+IhIkfKGbdgXF4JRrYvpk2CW
 KpmBaOU1lzxzPDCZbtw/8f10JmBerQ/NjB5dp9DGfBbAKLrYZfc+Sqi+LaUnKbmj
 MBjHCnH0cqGAOJ54N3ogJfD26MiXN562+lvkqJhyZ5Wp6ac3Th5pBGnlrgAv1pmh
 5QjmlKip/GgiOEf/NSH6WHTcgexCCBpuRJg398ZGM/6KRsW6jBo=
 =Ghf/
 -----END PGP SIGNATURE-----

Merge tag 'xfs-4.20-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

Pull xfs fixes from Darrick Wong:

 - fix incorrect dropping of error code from bmap

 - print buffer offsets instead of useless hashed pointers when dumping
   corrupt metadata

 - fix integer overflow in attribute verifier

* tag 'xfs-4.20-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
  xfs: fix overflow in xfs_attr3_leaf_verify
  xfs: print buffer offsets when dumping corrupt buffers
  xfs: Fix error code in 'xfs_ioc_getbmap()'
This commit is contained in:
Linus Torvalds 2018-11-08 17:55:01 -06:00
commit 24ccea7e10
3 changed files with 11 additions and 4 deletions

View File

@ -243,7 +243,7 @@ xfs_attr3_leaf_verify(
struct xfs_mount *mp = bp->b_target->bt_mount;
struct xfs_attr_leafblock *leaf = bp->b_addr;
struct xfs_attr_leaf_entry *entries;
uint16_t end;
uint32_t end; /* must be 32bit - see below */
int i;
xfs_attr3_leaf_hdr_from_disk(mp->m_attr_geo, &ichdr, leaf);
@ -293,6 +293,11 @@ xfs_attr3_leaf_verify(
/*
* Quickly check the freemap information. Attribute data has to be
* aligned to 4-byte boundaries, and likewise for the free space.
*
* Note that for 64k block size filesystems, the freemap entries cannot
* overflow as they are only be16 fields. However, when checking end
* pointer of the freemap, we have to be careful to detect overflows and
* so use uint32_t for those checks.
*/
for (i = 0; i < XFS_ATTR_LEAF_MAPSIZE; i++) {
if (ichdr.freemap[i].base > mp->m_attr_geo->blksize)
@ -303,7 +308,9 @@ xfs_attr3_leaf_verify(
return __this_address;
if (ichdr.freemap[i].size & 0x3)
return __this_address;
end = ichdr.freemap[i].base + ichdr.freemap[i].size;
/* be care of 16 bit overflows here */
end = (uint32_t)ichdr.freemap[i].base + ichdr.freemap[i].size;
if (end < ichdr.freemap[i].base)
return __this_address;
if (end > mp->m_attr_geo->blksize)

View File

@ -1608,7 +1608,7 @@ xfs_ioc_getbmap(
error = 0;
out_free_buf:
kmem_free(buf);
return 0;
return error;
}
struct getfsmap_info {

View File

@ -107,5 +107,5 @@ assfail(char *expr, char *file, int line)
void
xfs_hex_dump(void *p, int length)
{
print_hex_dump(KERN_ALERT, "", DUMP_PREFIX_ADDRESS, 16, 1, p, length, 1);
print_hex_dump(KERN_ALERT, "", DUMP_PREFIX_OFFSET, 16, 1, p, length, 1);
}