Verify structure sizes at compile time

commit 9425b47b897e690c71a337c0c93477bfd6fa1997 category: bugfix issue: #I6VAS0 CVE: NA Signed-off-by: DongSenhao <dongsenhao2@huawei.com> --------------------------------------- Before modifying the __attribute__((packed)) annotations, let the compiler verify the sizes of on-disk data structures. Signed-off-by: Bart Van Assche <bvanassche@acm.org> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: dongsenhao <dongsenhao2@huawei.com>
2024-11-27 04:00:57 +00:00 · 2022-04-21 15:18:15 -07:00 · 2022-04-21 15:18:15 -07:00 · a86f797930
commit a86f797930
parent e57ee3aa0b
7 changed files with 77 additions and 0 deletions
--- a/fsck/quotaio.c
+++ b/fsck/quotaio.c
@ -33,6 +33,8 @@ struct disk_dqheader {
 	__le32 dqh_version;
 } __attribute__ ((packed));

+static_assert(sizeof(struct disk_dqheader) == 8, "");
+
 int cur_qtype = -1;
 u32 qf_last_blkofs[MAXQUOTAS] = {0, 0, 0};
 enum qf_szchk_type_t qf_szchk_type[MAXQUOTAS] =
--- a/fsck/quotaio_tree.h
+++ b/fsck/quotaio_tree.h
@ -35,6 +35,8 @@ struct qt_disk_dqdbheader {
 	__le32 dqdh_pad2;
 } __attribute__ ((packed));

+static_assert(sizeof(struct qt_disk_dqdbheader) == 16, "");
+
 struct dquot;
 struct quota_handle;

--- a/fsck/quotaio_v2.h
+++ b/fsck/quotaio_v2.h
@ -20,6 +20,8 @@ struct v2_disk_dqheader {
 	__le32 dqh_version;	/* File version */
 } __attribute__ ((packed));

+static_assert(sizeof(struct v2_disk_dqheader) == 8, "");
+
 /* Flags for version specific files */
 #define V2_DQF_MASK  0x0000	/* Mask for all valid ondisk flags */

@ -36,6 +38,8 @@ struct v2_disk_dqinfo {
 					 * free entry */
 } __attribute__ ((packed));

+static_assert(sizeof(struct v2_disk_dqinfo) == 24, "");
+
 struct v2r1_disk_dqblk {
 	__le32 dqb_id;	/* id this quota applies to */
 	__le32 dqb_pad;
@ -51,4 +55,6 @@ struct v2r1_disk_dqblk {
 	__le64 dqb_itime;	/* time limit for excessive inode use */
 } __attribute__ ((packed));

+static_assert(sizeof(struct v2r1_disk_dqblk) == 72, "");
+
 #endif
--- a/fsck/xattr.h
+++ b/fsck/xattr.h
@ -47,6 +47,8 @@ struct fscrypt_context {
 	u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
 } __attribute__((packed));

+static_assert(sizeof(struct fscrypt_context) == 28, "");
+
 #define F2FS_ACL_VERSION	0x0001

 struct f2fs_acl_entry {
--- a/include/f2fs_fs.h
+++ b/include/f2fs_fs.h
@ -68,6 +68,10 @@
 # define UNUSED(x) x
 #endif

+#ifndef static_assert
+#define static_assert _Static_assert
+#endif
+
 #ifdef _WIN32
 #undef HAVE_LINUX_TYPES_H
 #endif
@ -738,6 +742,8 @@ struct f2fs_device {
 	__le32 total_segments;
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_device) == 68, "");
+
 struct f2fs_super_block {
 	__le32 magic;			/* Magic Number */
 	__le16 major_ver;		/* Major Version */
@ -785,6 +791,8 @@ struct f2fs_super_block {
 	__le32 crc;			/* checksum of superblock */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_super_block) == 3072, "");
+
 /*
 * For checkpoint
 */
@ -836,6 +844,8 @@ struct f2fs_checkpoint {
 	unsigned char sit_nat_version_bitmap[];
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_checkpoint) == 192, "");
+
 #define CP_BITMAP_OFFSET	\
 	(offsetof(struct f2fs_checkpoint, sit_nat_version_bitmap))
 #define CP_MIN_CHKSUM_OFFSET	CP_BITMAP_OFFSET
@ -860,6 +870,8 @@ struct f2fs_orphan_block {
 	__le32 check_sum;	/* CRC32 for orphan inode block */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_orphan_block) == 4096, "");
+
 /*
 * For NODE structure
 */
@ -869,6 +881,8 @@ struct f2fs_extent {
 	__le32 len;		/* lengh of the extent */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_extent) == 12, "");
+
 #define F2FS_NAME_LEN		255

 /* max output length of pretty_print_filename() including null terminator */
@ -1014,15 +1028,20 @@ struct f2fs_inode {
 						double_indirect(1) node id */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_inode) == 4072, "");

 struct direct_node {
 	__le32 addr[DEF_ADDRS_PER_BLOCK];	/* array of data block address */
 } __attribute__((packed));

+static_assert(sizeof(struct direct_node) == 4072, "");
+
 struct indirect_node {
 	__le32 nid[NIDS_PER_BLOCK];	/* array of data block address */
 } __attribute__((packed));

+static_assert(sizeof(struct indirect_node) == 4072, "");
+
 enum {
 	COLD_BIT_SHIFT = 0,
 	FSYNC_BIT_SHIFT,
@ -1040,6 +1059,8 @@ struct node_footer {
 	__le32 next_blkaddr;	/* next node page block address */
 } __attribute__((packed));

+static_assert(sizeof(struct node_footer) == 24, "");
+
 struct f2fs_node {
 	/* can be one of three types: inode, direct, and indirect types */
 	union {
@ -1050,6 +1071,8 @@ struct f2fs_node {
 	struct node_footer footer;
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_node) == 4096, "");
+
 /*
 * For NAT entries
 */
@ -1064,10 +1087,14 @@ struct f2fs_nat_entry {
 	__le32 block_addr;	/* block address */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_nat_entry) == 9, "");
+
 struct f2fs_nat_block {
 	struct f2fs_nat_entry entries[NAT_ENTRY_PER_BLOCK];
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_nat_block) == 4095, "");
+
 /*
 * For SIT entries
 *
@ -1107,10 +1134,14 @@ struct f2fs_sit_entry {
 	__le64 mtime;				/* segment age for cleaning */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_sit_entry) == 74, "");
+
 struct f2fs_sit_block {
 	struct f2fs_sit_entry entries[SIT_ENTRY_PER_BLOCK];
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_sit_block) == 4070, "");
+
 /*
 * For segment summary
 *
@ -1143,6 +1174,8 @@ struct f2fs_summary {
 	};
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_summary) == 7, "");
+
 /* summary block type, node or data, is stored to the summary_footer */
 #define SUM_TYPE_NODE		(1)
 #define SUM_TYPE_DATA		(0)
@ -1152,6 +1185,8 @@ struct summary_footer {
 	__le32 check_sum;		/* summary checksum */
 } __attribute__((packed));

+static_assert(sizeof(struct summary_footer) == 5, "");
+
 #define SUM_JOURNAL_SIZE	(F2FS_BLKSIZE - SUM_FOOTER_SIZE -\
 				SUM_ENTRIES_SIZE)
 #define NAT_JOURNAL_ENTRIES	((SUM_JOURNAL_SIZE - 2) /\
@ -1183,26 +1218,36 @@ struct nat_journal_entry {
 	struct f2fs_nat_entry ne;
 } __attribute__((packed));

+static_assert(sizeof(struct nat_journal_entry) == 13, "");
+
 struct nat_journal {
 	struct nat_journal_entry entries[NAT_JOURNAL_ENTRIES];
 	__u8 reserved[NAT_JOURNAL_RESERVED];
 } __attribute__((packed));

+static_assert(sizeof(struct nat_journal) == 505, "");
+
 struct sit_journal_entry {
 	__le32 segno;
 	struct f2fs_sit_entry se;
 } __attribute__((packed));

+static_assert(sizeof(struct sit_journal_entry) == 78, "");
+
 struct sit_journal {
 	struct sit_journal_entry entries[SIT_JOURNAL_ENTRIES];
 	__u8 reserved[SIT_JOURNAL_RESERVED];
 } __attribute__((packed));

+static_assert(sizeof(struct sit_journal) == 505, "");
+
 struct f2fs_extra_info {
 	__le64 kbytes_written;
 	__u8 reserved[EXTRA_INFO_RESERVED];
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_extra_info) == 505, "");
+
 struct f2fs_journal {
 	union {
 		__le16 n_nats;
@ -1216,6 +1261,8 @@ struct f2fs_journal {
 	};
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_journal) == 507, "");
+
 /* 4KB-sized summary block structure */
 struct f2fs_summary_block {
 	struct f2fs_summary entries[ENTRIES_IN_SUM];
@ -1223,6 +1270,8 @@ struct f2fs_summary_block {
 	struct summary_footer footer;
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_summary_block) == 4096, "");
+
 /*
 * For directory operations
 */
@ -1264,6 +1313,8 @@ struct f2fs_dir_entry {
 	__u8 file_type;		/* file type */
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_dir_entry) == 11, "");
+
 /* 4KB-sized directory entry block */
 struct f2fs_dentry_block {
 	/* validity bitmap for directory entries in each block */
@ -1272,6 +1323,9 @@ struct f2fs_dentry_block {
 	struct f2fs_dir_entry dentry[NR_DENTRY_IN_BLOCK];
 	__u8 filename[NR_DENTRY_IN_BLOCK][F2FS_SLOT_LEN];
 } __attribute__((packed));
+
+static_assert(sizeof(struct f2fs_dentry_block) == 4096, "");
+
 #pragma pack(pop)

 /* for inline stuff */
--- a/include/quota.h
+++ b/include/quota.h
@ -50,6 +50,8 @@ struct v2_disk_dqheader {
 	uint32_t dqh_version;	/* File version */
 } __attribute__ ((packed));

+static_assert(sizeof(struct v2_disk_dqheader) == 8, "");
+
 /* Header with type and version specific information */
 struct v2_disk_dqinfo {
 	uint32_t dqi_bgrace;	/* Time before block soft limit becomes hard limit */
@ -60,6 +62,8 @@ struct v2_disk_dqinfo {
 	uint32_t dqi_free_entry;	/* Number of block with at least one free entry */
 } __attribute__ ((packed));

+static_assert(sizeof(struct v2_disk_dqinfo) == 24, "");
+
 struct v2r1_disk_dqblk {
 	__le32 dqb_id;  	/* id this quota applies to */
 	__le32 dqb_pad;
@ -74,6 +78,9 @@ struct v2r1_disk_dqblk {
 	__le64 dqb_btime;       /* time limit for excessive disk use */
 	__le64 dqb_itime;       /* time limit for excessive inode use */
 } __attribute__ ((packed));
+
+static_assert(sizeof(struct v2r1_disk_dqblk) == 72, "");
+
 #pragma pack(pop)

 #endif
--- a/tools/f2fscrypt.c
+++ b/tools/f2fscrypt.c
@ -104,6 +104,8 @@ struct f2fs_fscrypt_policy {
 	__u8 master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE];
 } __attribute__((packed));

+static_assert(sizeof(struct f2fs_fscrypt_policy) == 12, "");
+
 #define F2FS_IOC_SET_ENCRYPTION_POLICY	_IOR('f', 19, struct f2fs_fscrypt_policy)
 #define F2FS_IOC_GET_ENCRYPTION_PWSALT	_IOW('f', 20, __u8[16])
 #define F2FS_IOC_GET_ENCRYPTION_POLICY	_IOW('f', 21, struct f2fs_fscrypt_policy)
@ -121,6 +123,8 @@ struct f2fs_encryption_key {
        __u32 size;
 } __attribute__((__packed__));

+static_assert(sizeof(struct f2fs_encryption_key) == 72, "");
+
 int options;

 extern void f2fs_sha512(const unsigned char *in, unsigned long in_size,