* [PATCH] fix bad quota inodes in the superblock causing xfs_repair to crash
@ 2007-02-20 7:59 Barry Naujok
2007-02-20 14:35 ` Eric Sandeen
0 siblings, 1 reply; 2+ messages in thread
From: Barry Naujok @ 2007-02-20 7:59 UTC (permalink / raw)
To: xfs; +Cc: xfs-dev
[-- Attachment #1: Type: text/plain, Size: 262 bytes --]
Thanks to Eric for generating bad images with fsfuzzer, bad quota inode
values in the superblock caused xfs_repair to segfault. The patch checks the
validity of the inodes before doing an internal lookup which assumes the
numbers are valid before being called.
[-- Attachment #2: bad_quota_ino_crash.diff --]
[-- Type: application/octet-stream, Size: 1557 bytes --]
--- a/xfsprogs/repair/phase4.c 2007-02-20 18:50:18.000000000 +1100
+++ b/xfsprogs/repair/phase4.c 2007-02-20 18:42:00.764536317 +1100
@@ -1059,8 +1059,12 @@ quotino_check(xfs_mount_t *mp)
ino_tree_node_t *irec;
if (mp->m_sb.sb_uquotino != NULLFSINO && mp->m_sb.sb_uquotino != 0) {
- irec = find_inode_rec(XFS_INO_TO_AGNO(mp, mp->m_sb.sb_uquotino),
- XFS_INO_TO_AGINO(mp, mp->m_sb.sb_uquotino));
+ if (verify_inum(mp, mp->m_sb.sb_uquotino))
+ irec = NULL;
+ else
+ irec = find_inode_rec(
+ XFS_INO_TO_AGNO(mp, mp->m_sb.sb_uquotino),
+ XFS_INO_TO_AGINO(mp, mp->m_sb.sb_uquotino));
if (irec == NULL || is_inode_free(irec,
mp->m_sb.sb_uquotino - irec->ino_startnum)) {
@@ -1071,8 +1075,12 @@ quotino_check(xfs_mount_t *mp)
}
if (mp->m_sb.sb_gquotino != NULLFSINO && mp->m_sb.sb_gquotino != 0) {
- irec = find_inode_rec(XFS_INO_TO_AGNO(mp, mp->m_sb.sb_gquotino),
- XFS_INO_TO_AGINO(mp, mp->m_sb.sb_gquotino));
+ if (verify_inum(mp, mp->m_sb.sb_gquotino))
+ irec = NULL;
+ else
+ irec = find_inode_rec(
+ XFS_INO_TO_AGNO(mp, mp->m_sb.sb_gquotino),
+ XFS_INO_TO_AGINO(mp, mp->m_sb.sb_gquotino));
if (irec == NULL || is_inode_free(irec,
mp->m_sb.sb_gquotino - irec->ino_startnum)) {
@@ -1322,7 +1330,7 @@ phase4(xfs_mount_t *mp)
/*
* now reset the bitmap for all ags
*/
- bzero(ba_bmap[i],
+ bzero(ba_bmap[i],
roundup((mp->m_sb.sb_agblocks+(NBBY/XR_BB)-1)/(NBBY/XR_BB),
sizeof(__uint64_t)));
for (j = 0; j < ag_hdr_block; j++)
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] fix bad quota inodes in the superblock causing xfs_repair to crash
2007-02-20 7:59 [PATCH] fix bad quota inodes in the superblock causing xfs_repair to crash Barry Naujok
@ 2007-02-20 14:35 ` Eric Sandeen
0 siblings, 0 replies; 2+ messages in thread
From: Eric Sandeen @ 2007-02-20 14:35 UTC (permalink / raw)
To: Barry Naujok; +Cc: xfs, xfs-dev
Barry Naujok wrote:
> Thanks to Eric for generating bad images with fsfuzzer, bad quota inode
> values in the superblock caused xfs_repair to segfault. The patch checks the
> validity of the inodes before doing an internal lookup which assumes the
> numbers are valid before being called.
>
Looks good to me Barry, thanks! I'll see if I can find more corrupt
images for you. ;-)
-Eric
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-02-20 14:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-02-20 7:59 [PATCH] fix bad quota inodes in the superblock causing xfs_repair to crash Barry Naujok
2007-02-20 14:35 ` Eric Sandeen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.