Compare commits

...

No commits in common. "c8" and "imports/c8s/e2fsprogs-1.45.6-3.el8" have entirely different histories.

52 changed files with 2 additions and 3204 deletions

View File

@ -1,126 +0,0 @@
From 2c98da4e6a3e106c340972adedc6f79c4c1969f2 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 28 Dec 2021 12:33:15 -0500
Subject: [PATCH] reisze2fs: sanity check free block group counts when
calculating minimum size
If one or more block group descriptor's free blocks count is insane,
it's possible this can lead to a infinite loop in the function
calculate_minimum_resize_size(), which is called by resize2fs -P or
resize2fs -M.
Add some sanity checks to avoid this. In the case where the file
system is corrupt, this will result in resize2fs -P reporting an
incorrect value, but that's OK, since when we try to do an actual
resize operation, resize2fs requires that the file system be freshly
checked using e2fsck.
https://github.com/tytso/e2fsprogs/issues/94
Fixes: ac94445fc01f ("resize2fs: make minimum size estimates more reliable for mounted fs")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
resize/resize2fs.c | 13 +++++++++--
tests/r_corrupt_fs/expect | 4 ++++
tests/r_corrupt_fs/name | 1 +
tests/r_corrupt_fs/script | 45 +++++++++++++++++++++++++++++++++++++++
4 files changed, 61 insertions(+), 2 deletions(-)
create mode 100644 tests/r_corrupt_fs/expect
create mode 100644 tests/r_corrupt_fs/name
create mode 100644 tests/r_corrupt_fs/script
diff --git a/resize/resize2fs.c b/resize/resize2fs.c
index 8a3d08db..26050fec 100644
--- a/resize/resize2fs.c
+++ b/resize/resize2fs.c
@@ -2928,8 +2928,17 @@ blk64_t calculate_minimum_resize_size(ext2_filsys fs, int flags)
/* calculate how many blocks are needed for data */
data_needed = ext2fs_blocks_count(fs->super);
for (grp = 0; grp < fs->group_desc_count; grp++) {
- data_needed -= calc_group_overhead(fs, grp, old_desc_blocks);
- data_needed -= ext2fs_bg_free_blocks_count(fs, grp);
+ __u32 n = ext2fs_bg_free_blocks_count(fs, grp);
+
+ if (n > EXT2_BLOCKS_PER_GROUP(fs->super))
+ n = EXT2_BLOCKS_PER_GROUP(fs->super);
+ n += calc_group_overhead(fs, grp, old_desc_blocks);
+ if (data_needed < n) {
+ if (flags & RESIZE_DEBUG_MIN_CALC)
+ printf("file system appears inconsistent?!?\n");
+ return ext2fs_blocks_count(fs->super);
+ }
+ data_needed -= n;
}
#ifdef RESIZE2FS_DEBUG
if (flags & RESIZE_DEBUG_MIN_CALC)
diff --git a/tests/r_corrupt_fs/expect b/tests/r_corrupt_fs/expect
new file mode 100644
index 00000000..fe0f2bc4
--- /dev/null
+++ b/tests/r_corrupt_fs/expect
@@ -0,0 +1,4 @@
+mke2fs -q -F -t ext4 -o Linux -b 1024 test.img 32M
+debugfs -w -R "set_bg 1 free_blocks_count 65536" /tmp/foo.img
+resize2fs -P /tmp/foo.img
+Estimated minimum size of the filesystem: 6604
diff --git a/tests/r_corrupt_fs/name b/tests/r_corrupt_fs/name
new file mode 100644
index 00000000..ed627419
--- /dev/null
+++ b/tests/r_corrupt_fs/name
@@ -0,0 +1 @@
+resize2fs -P of a corrupted file system
diff --git a/tests/r_corrupt_fs/script b/tests/r_corrupt_fs/script
new file mode 100644
index 00000000..08af91ed
--- /dev/null
+++ b/tests/r_corrupt_fs/script
@@ -0,0 +1,45 @@
+if ! test -x $RESIZE2FS_EXE -o ! -x $DEBUGFS_EXE; then
+ echo "$test_name: $test_description: skipped (no debugfs/resize2fs)"
+ return 0
+fi
+
+OUT=$test_name.log
+if [ -f $test_dir/expect.gz ]; then
+ EXP=$test_name.tmp
+ gunzip < $test_dir/expect.gz > $EXP1
+else
+ EXP=$test_dir/expect
+fi
+
+echo mke2fs -q -F -t ext4 -o Linux -b 1024 test.img 32M > $OUT.new
+$MKE2FS -q -F -t ext4 -o Linux -b 1024 $TMPFILE 32M >> $OUT.new 2>&1
+
+echo debugfs -w -R \"set_bg 1 free_blocks_count 65536\" /tmp/foo.img >> $OUT.new
+$DEBUGFS -w -R "set_bg 1 free_blocks_count 65536" $TMPFILE > /dev/null 2>&1
+
+if type timeout > /dev/null 2>&1 ; then
+ TIMEOUT="timeout -v 30s"
+else
+ TIMEOUT=
+fi
+
+echo resize2fs -P /tmp/foo.img >> $OUT.new
+$TIMEOUT $RESIZE2FS -P $TMPFILE >> $OUT.new 2>&1
+
+sed -f $cmd_dir/filter.sed < $OUT.new > $OUT
+
+rm -f $TMPFILE $OUT.new
+
+cmp -s $OUT $EXP
+status=$?
+
+if [ "$status" = 0 ] ; then
+ echo "$test_name: $test_description: ok"
+ touch $test_name.ok
+else
+ echo "$test_name: $test_description: failed"
+ diff $DIFF_OPTS $EXP $OUT > $test_name.failed
+ rm -f $test_name.tmp
+fi
+
+unset IMAGE OUT EXP TIMEOUT
--
2.34.1

View File

@ -1,43 +0,0 @@
From 0ec67ba5063b1fdcad4142633338c2cc98b60b5b Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Wed, 16 Feb 2022 11:12:28 +0100
Subject: [PATCH] tests: specify inode size in r_corrupt_fs
Inode size will have an effect on the minimum resize size and this will
have an effect on the test output. Stabilize the output by specifying
the inode size instead of relying on the system configuration.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
tests/r_corrupt_fs/expect | 2 +-
tests/r_corrupt_fs/script | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/r_corrupt_fs/expect b/tests/r_corrupt_fs/expect
index fe0f2bc4..fbc0c23e 100644
--- a/tests/r_corrupt_fs/expect
+++ b/tests/r_corrupt_fs/expect
@@ -1,4 +1,4 @@
-mke2fs -q -F -t ext4 -o Linux -b 1024 test.img 32M
+mke2fs -q -F -t ext4 -o Linux -b 1024 -I 256 test.img 32M
debugfs -w -R "set_bg 1 free_blocks_count 65536" /tmp/foo.img
resize2fs -P /tmp/foo.img
Estimated minimum size of the filesystem: 6604
diff --git a/tests/r_corrupt_fs/script b/tests/r_corrupt_fs/script
index f6d3a89d..45bbe071 100644
--- a/tests/r_corrupt_fs/script
+++ b/tests/r_corrupt_fs/script
@@ -11,8 +11,8 @@ else
EXP=$test_dir/expect
fi
-echo mke2fs -q -F -t ext4 -o Linux -b 1024 test.img 32M > $OUT.new
-$MKE2FS -q -F -t ext4 -o Linux -b 1024 $TMPFILE 32M >> $OUT.new 2>&1
+echo mke2fs -q -F -t ext4 -o Linux -b 1024 -I 256 test.img 32M > $OUT.new
+$MKE2FS -q -F -t ext4 -o Linux -b 1024 -I 256 $TMPFILE 32M >> $OUT.new 2>&1
echo debugfs -w -R \"set_bg 1 free_blocks_count 65536\" /tmp/foo.img >> $OUT.new
$DEBUGFS -w -R "set_bg 1 free_blocks_count 65536" $TMPFILE > /dev/null 2>&1
--
2.34.1

View File

@ -1,31 +0,0 @@
From af09db229f74f447aec12e440252d8a94c049f26 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Mon, 3 Jan 2022 22:45:37 -0500
Subject: [PATCH] tests: support older versions of timeout in r_corrupt_fs
Older versions of the timeout program in coreutils don't support the
-v option. (This is apparently still in use in the GNU/FreeBSD Debain
port since coreutils hasn't built successfully since Coreutils version
8.28.)
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
tests/r_corrupt_fs/script | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/r_corrupt_fs/script b/tests/r_corrupt_fs/script
index 08af91ed..f6d3a89d 100644
--- a/tests/r_corrupt_fs/script
+++ b/tests/r_corrupt_fs/script
@@ -17,7 +17,7 @@ $MKE2FS -q -F -t ext4 -o Linux -b 1024 $TMPFILE 32M >> $OUT.new 2>&1
echo debugfs -w -R \"set_bg 1 free_blocks_count 65536\" /tmp/foo.img >> $OUT.new
$DEBUGFS -w -R "set_bg 1 free_blocks_count 65536" $TMPFILE > /dev/null 2>&1
-if type timeout > /dev/null 2>&1 ; then
+if timeout -v 1s true > /dev/null 2>&1 ; then
TIMEOUT="timeout -v 30s"
else
TIMEOUT=
--
2.34.1

View File

@ -1,100 +0,0 @@
From 0111635ea5798f98665714e161c3c7746184a04b Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 23 Feb 2021 16:02:42 -0500
Subject: [PATCH 21/46] Add checks for fs->blocksize == 0 which could cause
some crashes
Content-Type: text/plain
This should never happeb, but some checks is useful, and also fixes
some Coverity warnings.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
debugfs/do_journal.c | 2 --
lib/ext2fs/csum.c | 3 +++
lib/ext2fs/ext2_err.et.in | 3 +++
lib/ext2fs/inode.c | 4 ++++
misc/e2image.c | 5 +++--
5 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/debugfs/do_journal.c b/debugfs/do_journal.c
index 5091a530..8261fa95 100644
--- a/debugfs/do_journal.c
+++ b/debugfs/do_journal.c
@@ -528,8 +528,6 @@ static errcode_t journal_write(journal_t *journal,
}
err = journal_close_trans(&trans);
- if (err)
- goto error;
error:
return err;
}
diff --git a/lib/ext2fs/csum.c b/lib/ext2fs/csum.c
index 2151003b..28b3bb05 100644
--- a/lib/ext2fs/csum.c
+++ b/lib/ext2fs/csum.c
@@ -263,6 +263,9 @@ static errcode_t __get_dirent_tail(ext2_filsys fs,
errcode_t retval = 0;
__u16 (*translate)(__u16) = (need_swab ? disk_to_host16 : do_nothing16);
+ if (fs->blocksize < 1024)
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
+
d = dirent;
top = EXT2_DIRENT_TAIL(dirent, fs->blocksize);
diff --git a/lib/ext2fs/ext2_err.et.in b/lib/ext2fs/ext2_err.et.in
index 0c76fee6..cf0e00ea 100644
--- a/lib/ext2fs/ext2_err.et.in
+++ b/lib/ext2fs/ext2_err.et.in
@@ -548,4 +548,7 @@ ec EXT2_ET_EA_INODE_CORRUPTED,
ec EXT2_ET_NO_GDESC,
"Group descriptors not loaded"
+ec EXT2_FILSYS_CORRUPTED,
+ "The internal ext2_filsys data structure appears to be corrupted"
+
end
diff --git a/lib/ext2fs/inode.c b/lib/ext2fs/inode.c
index c4377eeb..6f42882e 100644
--- a/lib/ext2fs/inode.c
+++ b/lib/ext2fs/inode.c
@@ -144,6 +144,8 @@ errcode_t ext2fs_open_inode_scan(ext2_filsys fs, int buffer_blocks,
errcode_t (*save_get_blocks)(ext2_filsys f, ext2_ino_t ino, blk_t *blocks);
EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
+ if (fs->blocksize < 1024)
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
/*
* If fs->badblocks isn't set, then set it --- since the inode
@@ -764,6 +766,8 @@ errcode_t ext2fs_read_inode2(ext2_filsys fs, ext2_ino_t ino,
int cache_slot, fail_csum;
EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
+ if (fs->blocksize < 1024)
+ return EXT2_FILSYS_CORRUPTED; /* Should never happen */
/* Check to see if user has an override function */
if (fs->read_inode &&
diff --git a/misc/e2image.c b/misc/e2image.c
index 892c5371..195fabb2 100644
--- a/misc/e2image.c
+++ b/misc/e2image.c
@@ -892,8 +892,9 @@ static errcode_t initialize_qcow2_image(int fd, ext2_filsys fs,
int cluster_bits = get_bits_from_size(fs->blocksize);
struct ext2_super_block *sb = fs->super;
- if (fs->blocksize < 1024)
- return EINVAL; /* Can never happen, but just in case... */
+ /* Sbould never happen, but just in case... */
+ if (cluster_bits < 0)
+ return EXT2_FILSYS_CORRUPTED;
/* Allocate header */
ret = ext2fs_get_memzero(sizeof(struct ext2_qcow2_hdr), &header);
--
2.35.1

View File

@ -1,104 +0,0 @@
From 1466a142efe5b20ddda2ce96c0d409dc294fd1b2 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sat, 23 Jan 2021 00:57:18 -0500
Subject: [PATCH 17/46] Fix clang warnings
Content-Type: text/plain
Clang gets unhappy when passing an unsigned char to string functions.
For better or for worse we use __u8[] in the definition of the
superblock. So cast them these to "char *" to prevent clang
build-time warnings.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
e2fsck/unix.c | 2 +-
lib/ext2fs/mmp.c | 8 ++++----
misc/e2fuzz.c | 3 ++-
misc/mke2fs.c | 4 ++--
4 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/e2fsck/unix.c b/e2fsck/unix.c
index e71d7833..15a73e7c 100644
--- a/e2fsck/unix.c
+++ b/e2fsck/unix.c
@@ -1693,7 +1693,7 @@ failure:
* or informational messages to the user.
*/
if (ctx->device_name == 0 && sb->s_volume_name[0])
- ctx->device_name = string_copy(ctx, sb->s_volume_name,
+ ctx->device_name = string_copy(ctx, (char *) sb->s_volume_name,
sizeof(sb->s_volume_name));
if (ctx->device_name == 0)
diff --git a/lib/ext2fs/mmp.c b/lib/ext2fs/mmp.c
index e96a2273..973b9ecd 100644
--- a/lib/ext2fs/mmp.c
+++ b/lib/ext2fs/mmp.c
@@ -210,11 +210,11 @@ static errcode_t ext2fs_mmp_reset(ext2_filsys fs)
mmp_s->mmp_seq = EXT4_MMP_SEQ_CLEAN;
mmp_s->mmp_time = 0;
#ifdef HAVE_GETHOSTNAME
- gethostname(mmp_s->mmp_nodename, sizeof(mmp_s->mmp_nodename));
+ gethostname((char *) mmp_s->mmp_nodename, sizeof(mmp_s->mmp_nodename));
#else
mmp_s->mmp_nodename[0] = '\0';
#endif
- strncpy(mmp_s->mmp_bdevname, fs->device_name,
+ strncpy((char *) mmp_s->mmp_bdevname, fs->device_name,
sizeof(mmp_s->mmp_bdevname));
mmp_s->mmp_check_interval = fs->super->s_mmp_update_interval;
@@ -352,11 +352,11 @@ clean_seq:
mmp_s->mmp_seq = seq = ext2fs_mmp_new_seq();
#ifdef HAVE_GETHOSTNAME
- gethostname(mmp_s->mmp_nodename, sizeof(mmp_s->mmp_nodename));
+ gethostname((char *) mmp_s->mmp_nodename, sizeof(mmp_s->mmp_nodename));
#else
strcpy(mmp_s->mmp_nodename, "unknown host");
#endif
- strncpy(mmp_s->mmp_bdevname, fs->device_name,
+ strncpy((char *) mmp_s->mmp_bdevname, fs->device_name,
sizeof(mmp_s->mmp_bdevname));
retval = ext2fs_mmp_write(fs, fs->super->s_mmp_block, fs->mmp_buf);
diff --git a/misc/e2fuzz.c b/misc/e2fuzz.c
index 7c0f776f..65b6ae73 100644
--- a/misc/e2fuzz.c
+++ b/misc/e2fuzz.c
@@ -172,7 +172,8 @@ static uint64_t rand_num(uint64_t min, uint64_t max)
for (i = 0; i < sizeof(x); i++)
px[i] = random();
- return min + (uint64_t)((double)(max - min) * (x / (UINT64_MAX + 1.0)));
+ return min + (uint64_t)((double)(max - min) *
+ (x / ((double) UINT64_MAX + 1.0)));
}
static int process_fs(const char *fsname)
diff --git a/misc/mke2fs.c b/misc/mke2fs.c
index 27e7d174..0184a3a8 100644
--- a/misc/mke2fs.c
+++ b/misc/mke2fs.c
@@ -3151,7 +3151,7 @@ int main (int argc, char *argv[])
if (volume_label) {
memset(fs->super->s_volume_name, 0,
sizeof(fs->super->s_volume_name));
- strncpy(fs->super->s_volume_name, volume_label,
+ strncpy((char *) fs->super->s_volume_name, volume_label,
sizeof(fs->super->s_volume_name));
}
@@ -3161,7 +3161,7 @@ int main (int argc, char *argv[])
if (mount_dir) {
memset(fs->super->s_last_mounted, 0,
sizeof(fs->super->s_last_mounted));
- strncpy(fs->super->s_last_mounted, mount_dir,
+ strncpy((char *) fs->super->s_last_mounted, mount_dir,
sizeof(fs->super->s_last_mounted));
}
--
2.35.1

View File

@ -1,48 +0,0 @@
From c74301ce5020c499445eb5c32bd70e4a1099a62d Mon Sep 17 00:00:00 2001
From: wuguanghao <wuguanghao3@huawei.com>
Date: Wed, 30 Jun 2021 16:27:18 +0800
Subject: [PATCH 29/46] append_pathname: check the value returned by realloc
Content-Type: text/plain
In append_pathname(), we need to add a new path to save the value
returned by realloc, otherwise the name->path may be NULL, causing
a segfault.
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
contrib/fsstress.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/contrib/fsstress.c b/contrib/fsstress.c
index 2a983482..2136a903 100644
--- a/contrib/fsstress.c
+++ b/contrib/fsstress.c
@@ -599,6 +599,7 @@ void add_to_flist(int ft, int id, int parent)
void append_pathname(pathname_t * name, char *str)
{
int len;
+ char *path;
len = strlen(str);
#ifdef DEBUG
@@ -609,7 +610,13 @@ void append_pathname(pathname_t * name, char *str)
}
#endif
- name->path = realloc(name->path, name->len + 1 + len);
+ path = realloc(name->path, name->len + 1 + len);
+ if (path == NULL) {
+ fprintf(stderr, "fsstress: append_pathname realloc failed\n");
+ chdir(homedir);
+ abort();
+ }
+ name->path = path;
strcpy(&name->path[name->len], str);
name->len += len;
}
--
2.35.1

View File

@ -1,34 +0,0 @@
From 9e298ba470a6abc7d94fe659cf65fcb0b993c0b8 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 30 Jun 2021 16:27:19 +0800
Subject: [PATCH 30/46] argv_parse: check return value of malloc in
argv_parse()
Content-Type: text/plain
In argv_parse(), return value of malloc should be checked
whether it is NULL, otherwise, it may cause a segfault error.
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/support/argv_parse.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/support/argv_parse.c b/lib/support/argv_parse.c
index d22f6344..1f50f9e5 100644
--- a/lib/support/argv_parse.c
+++ b/lib/support/argv_parse.c
@@ -116,6 +116,8 @@ int argv_parse(char *in_buf, int *ret_argc, char ***ret_argv)
if (argv == 0) {
argv = malloc(sizeof(char *));
free(buf);
+ if (!argv)
+ return -1;
}
argv[argc] = 0;
if (ret_argc)
--
2.35.1

View File

@ -1,47 +0,0 @@
From ade5263a516e4081abc14f63a73a5e0a96bb3f71 Mon Sep 17 00:00:00 2001
From: Antoine Tenart <antoine.tenart@bootlin.com>
Date: Fri, 17 Jul 2020 12:08:46 +0200
Subject: [PATCH 13/46] create_inode: set xattrs to the root directory as well
Content-Type: text/plain
populate_fs do copy the xattrs for all files and directories, but the
root directory is skipped and as a result its extended attributes aren't
set. This is an issue when using mkfs to build a full system image that
can be used with SElinux in enforcing mode without making any runtime
fix at first boot.
This patch adds logic to set the root directory's extended attributes.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/create_inode.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/misc/create_inode.c b/misc/create_inode.c
index 837f3875..6f8487b9 100644
--- a/misc/create_inode.c
+++ b/misc/create_inode.c
@@ -1050,9 +1050,17 @@ errcode_t populate_fs2(ext2_filsys fs, ext2_ino_t parent_ino,
file_info.path_max_len = 255;
file_info.path = calloc(file_info.path_max_len, 1);
+ retval = set_inode_xattr(fs, root, source_dir);
+ if (retval) {
+ com_err(__func__, retval,
+ _("while copying xattrs on root directory"));
+ goto out;
+ }
+
retval = __populate_fs(fs, parent_ino, source_dir, root, &hdlinks,
&file_info, fs_callbacks);
+out:
free(file_info.path);
free(hdlinks.hdl);
return retval;
--
2.35.1

View File

@ -1,35 +0,0 @@
From 4126c63885388e568ade780e9fed6ede37faf978 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 21 Jan 2021 16:01:14 -0500
Subject: [PATCH 16/46] debugfs: fix double free in realloc() error path in
read_list()
Content-Type: text/plain
Fixes-Coverity-Bug: 1464575
Fixes-Coverity-Bug: 1464571
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
debugfs/util.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/debugfs/util.c b/debugfs/util.c
index 759bb392..091f6f65 100644
--- a/debugfs/util.c
+++ b/debugfs/util.c
@@ -545,10 +545,8 @@ errcode_t read_list(char *str, blk64_t **list, size_t *len)
goto err;
}
l = realloc(lst, sizeof(blk64_t) * (ln + y - x + 1));
- if (l == NULL) {
- retval = ENOMEM;
- goto err;
- }
+ if (l == NULL)
+ return ENOMEM;
lst = l;
for (; x <= y; x++)
lst[ln++] = x;
--
2.35.1

View File

@ -1,92 +0,0 @@
From b31f493cadc92023056a096d0281957c49fca22c Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Fri, 12 Feb 2021 21:43:00 -0500
Subject: [PATCH 19/46] debugfs: fix memory allocation failures when parsing
journal_write arguments
Content-Type: text/plain
Fix double-free issues when parsing an invalid journal_write command,
such as: "journal_write -b 12 -b BAD -b 42".
Addresses-Coverity-Bug: 1464571
Addresses-Coverity-Bug: 1464575
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
debugfs/do_journal.c | 8 ++++++--
debugfs/util.c | 15 +++++++--------
2 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/debugfs/do_journal.c b/debugfs/do_journal.c
index 15ef6829..5091a530 100644
--- a/debugfs/do_journal.c
+++ b/debugfs/do_journal.c
@@ -554,15 +554,19 @@ void do_journal_write(int argc, char *argv[], int sci_idx EXT2FS_ATTR((unused)),
switch (opt) {
case 'b':
err = read_list(optarg, &blist, &bn);
- if (err)
+ if (err) {
com_err(argv[0], err,
"while reading block list");
+ goto out;
+ }
break;
case 'r':
err = read_list(optarg, &rlist, &rn);
- if (err)
+ if (err) {
com_err(argv[0], err,
"while reading revoke list");
+ goto out;
+ }
break;
case 'c':
flags |= JOURNAL_WRITE_NO_COMMIT;
diff --git a/debugfs/util.c b/debugfs/util.c
index 091f6f65..bbb20ff6 100644
--- a/debugfs/util.c
+++ b/debugfs/util.c
@@ -521,7 +521,7 @@ errcode_t read_list(char *str, blk64_t **list, size_t *len)
blk64_t *lst = *list;
size_t ln = *len;
char *tok, *p = str;
- errcode_t retval;
+ errcode_t retval = 0;
while ((tok = strtok(p, ","))) {
blk64_t *l;
@@ -538,15 +538,17 @@ errcode_t read_list(char *str, blk64_t **list, size_t *len)
return errno;
} else if (*e != 0) {
retval = EINVAL;
- goto err;
+ break;
}
if (y < x) {
retval = EINVAL;
- goto err;
+ break;
}
l = realloc(lst, sizeof(blk64_t) * (ln + y - x + 1));
- if (l == NULL)
- return ENOMEM;
+ if (l == NULL) {
+ retval = ENOMEM;
+ break;
+ }
lst = l;
for (; x <= y; x++)
lst[ln++] = x;
@@ -555,8 +557,5 @@ errcode_t read_list(char *str, blk64_t **list, size_t *len)
*list = lst;
*len = ln;
- return 0;
-err:
- free(lst);
return retval;
}
--
2.35.1

View File

@ -1,46 +0,0 @@
From 9221fb77a7187957ed84e45bf6ad6f5e37755e5c Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Sat, 20 Feb 2021 16:41:29 +0800
Subject: [PATCH 22/46] debugfs: fix memory leak problem in read_list()
Content-Type: text/plain
In read_list func, if strtoull() fails in while loop,
we will return the error code directly. Then, memory of
variable lst will be leaked without setting to *list.
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: linfeilong <linfeilong@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
debugfs/util.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/debugfs/util.c b/debugfs/util.c
index bbb20ff6..37620295 100644
--- a/debugfs/util.c
+++ b/debugfs/util.c
@@ -530,12 +530,16 @@ errcode_t read_list(char *str, blk64_t **list, size_t *len)
errno = 0;
y = x = strtoull(tok, &e, 0);
- if (errno)
- return errno;
+ if (errno) {
+ retval = errno;
+ break;
+ }
if (*e == '-') {
y = strtoull(e + 1, NULL, 0);
- if (errno)
- return errno;
+ if (errno) {
+ retval = errno;
+ break;
+ }
} else if (*e != 0) {
retval = EINVAL;
break;
--
2.35.1

View File

@ -1,54 +0,0 @@
From c78e3e170a63bb1804b47d4f5a6652aad0e4d3b2 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 6 Oct 2020 08:29:09 -0400
Subject: [PATCH 12/46] debugfs: fix parse_uint for 64-bit fields
Content-Type: text/plain
The logic for handling 64-bit structure elements was reversed, which
caused attempts to set fields like kbytes_written to fail:
% debugfs -w /tmp/foo.img
debugfs 1.45.6 (20-Mar-2020)
debugfs: set_super_value kbytes_written 1024
64-bit field kbytes_written has a second 64-bit field
defined; BUG?!?
https://github.com/tytso/e2fsprogs/issues/36
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
debugfs/set_fields.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/debugfs/set_fields.c b/debugfs/set_fields.c
index 5142554d..281f2c5d 100644
--- a/debugfs/set_fields.c
+++ b/debugfs/set_fields.c
@@ -487,10 +487,7 @@ static errcode_t parse_uint(struct field_set_info *info, char *field,
n = num & mask;
switch (size) {
case 8:
- /* Should never get here */
- fprintf(stderr, "64-bit field %s has a second 64-bit field\n"
- "defined; BUG?!?\n", info->name);
- *u.ptr64 = 0;
+ *u.ptr64 = n;
break;
case 4:
*u.ptr32 = n;
@@ -510,7 +507,10 @@ static errcode_t parse_uint(struct field_set_info *info, char *field,
size = 2;
switch (size) {
case 8:
- *u.ptr64 = n;
+ /* Should never get here */
+ fprintf(stderr, "64-bit field %s has a second 64-bit field\n"
+ "defined; BUG?!?\n", info->name);
+ *u.ptr64 = 0;
break;
case 4:
*u.ptr32 = n;
--
2.35.1

View File

@ -1,42 +0,0 @@
From c9d064c7a4e4ffbfaf95098c57381ee5394a1346 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 10 Aug 2021 15:36:46 -0400
Subject: [PATCH 45/46] e2fsck: add maximum string length specifiers to fscanf
format strings
Content-Type: text/plain
When parsing strings from /proc/apm and /proc/acpi/ac_adapter, add
string length limits to prevent possible buffer overruns.
Addresses-Coverty-Bug: 1297496
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
e2fsck/unix.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/e2fsck/unix.c b/e2fsck/unix.c
index 15a73e7c..ddd384b1 100644
--- a/e2fsck/unix.c
+++ b/e2fsck/unix.c
@@ -302,7 +302,7 @@ static int is_on_batt(void)
}
f = fopen("/proc/apm", "r");
if (f) {
- if (fscanf(f, "%s %s %s %x", tmp, tmp, tmp, &acflag) != 4)
+ if (fscanf(f, "%79s %79s %79s %x", tmp, tmp, tmp, &acflag) != 4)
acflag = 1;
fclose(f);
return (acflag != 1);
@@ -318,7 +318,7 @@ static int is_on_batt(void)
f = fopen(fname, "r");
if (!f)
continue;
- if (fscanf(f, "%s %s", tmp2, tmp) != 2)
+ if (fscanf(f, "%79s %79s", tmp2, tmp) != 2)
tmp[0] = 0;
fclose(f);
if (strncmp(tmp, "off-line", 8) == 0) {
--
2.35.1

View File

@ -1,43 +0,0 @@
From 5ddac7d248ad346b80702a397c886df4d1ec4f08 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Thu, 13 Feb 2020 11:15:57 +0100
Subject: [PATCH 05/46] e2fsck: fix indexed dir rehash failure with
metadata_csum enabled
Content-Type: text/plain
E2fsck directory rehashing code can fail with ENOSPC due to a bug in
ext2fs_htree_intnode_maxrecs() which fails to take metadata checksum
into account and thus e.g. e2fsck can decide to create 1 indirect level
of index tree when two are actually needed. Fix the logic to account for
metadata checksum.
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/ext2fs.h | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h
index 32c75171..d9aec525 100644
--- a/lib/ext2fs/ext2fs.h
+++ b/lib/ext2fs/ext2fs.h
@@ -2040,7 +2040,13 @@ _INLINE_ blk_t ext2fs_inode_data_blocks(ext2_filsys fs,
_INLINE_ int ext2fs_htree_intnode_maxrecs(ext2_filsys fs, int blocks)
{
- return blocks * ((fs->blocksize - 8) / sizeof(struct ext2_dx_entry));
+ int csum_size = 0;
+
+ if ((EXT2_SB(fs->super)->s_feature_ro_compat &
+ EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) != 0)
+ csum_size = sizeof(struct ext2_dx_tail);
+ return blocks * ((fs->blocksize - (8 + csum_size)) /
+ sizeof(struct ext2_dx_entry));
}
/*
--
2.35.1

View File

@ -1,64 +0,0 @@
From b93c62c3d46ed363a88668d41a87500eb5d29f98 Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Mon, 14 Jun 2021 15:27:25 +0200
Subject: [PATCH 26/46] e2fsck: fix last mount/write time when e2fsck is forced
Content-Type: text/plain
With commit c52d930f e2fsck is no longer able to fix bad last
mount/write time by default because it is conditioned on s_checkinterval
not being zero, which it is by default.
One place where it matters is when other e2fsprogs tools require to run
full file system check before a certain operation. If the last mount
time is for any reason in future, it will not allow it to run even if
full e2fsck is ran.
Fix it by checking the last mount/write time when the e2fsck is forced,
except for the case where we know the system clock is broken.
[ Reworked the conditionals so error messages claiming that the last
write/mount time were corrupted wouldn't be always printed when the
e2fsck was run with the -f option, thus causing 299 out of 372
regression tests to fail. -- TYT ]
Fixes: c52d930f ("e2fsck: don't check for future superblock times if checkinterval == 0")
Reported-by: Dusty Mabe <dustymabe@redhat.com>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
e2fsck/super.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/e2fsck/super.c b/e2fsck/super.c
index e1c3f935..31e2ffb2 100644
--- a/e2fsck/super.c
+++ b/e2fsck/super.c
@@ -1038,9 +1038,9 @@ void check_super_block(e2fsck_t ctx)
* Check to see if the superblock last mount time or last
* write time is in the future.
*/
- if (!broken_system_clock && fs->super->s_checkinterval &&
- !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
- fs->super->s_mtime > (__u32) ctx->now) {
+ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) &&
+ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
+ (fs->super->s_mtime > (__u32) ctx->now)) {
pctx.num = fs->super->s_mtime;
problem = PR_0_FUTURE_SB_LAST_MOUNT;
if (fs->super->s_mtime <= (__u32) ctx->now + ctx->time_fudge)
@@ -1050,9 +1050,9 @@ void check_super_block(e2fsck_t ctx)
fs->flags |= EXT2_FLAG_DIRTY;
}
}
- if (!broken_system_clock && fs->super->s_checkinterval &&
- !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
- fs->super->s_wtime > (__u32) ctx->now) {
+ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) &&
+ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
+ (fs->super->s_wtime > (__u32) ctx->now)) {
pctx.num = fs->super->s_wtime;
problem = PR_0_FUTURE_SB_LAST_WRITE;
if (fs->super->s_wtime <= (__u32) ctx->now + ctx->time_fudge)
--
2.35.1

View File

@ -1,31 +0,0 @@
From 669a17d35cdfd9cf5b76e97016fae2df2d72e768 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Fri, 10 Apr 2020 00:30:52 -0400
Subject: [PATCH 07/46] e2fsck: fix off-by-one check when validating depth of
an htree
Content-Type: text/plain
Fixes: 3f0cf6475399 ("e2fsprogs: add support for 3-level htree")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
e2fsck/pass1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c
index c9e8bf82..38afda48 100644
--- a/e2fsck/pass1.c
+++ b/e2fsck/pass1.c
@@ -2685,7 +2685,7 @@ static int handle_htree(e2fsck_t ctx, struct problem_context *pctx,
return 1;
pctx->num = root->indirect_levels;
- if ((root->indirect_levels > ext2_dir_htree_level(fs)) &&
+ if ((root->indirect_levels >= ext2_dir_htree_level(fs)) &&
fix_problem(ctx, PR_1_HTREE_DEPTH, pctx))
return 1;
--
2.35.1

View File

@ -1,47 +0,0 @@
From 8a97e4f67f75a4584f7562b7e5d866431c88152e Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 5 Jun 2020 10:14:40 +0200
Subject: [PATCH 09/46] e2fsck: use size_t instead of int in string_copy()
Content-Type: text/plain
len argument in string_copy() is int, but it is used with malloc(),
strlen(), strncpy() and some callers use sizeof() to pass value in. So
it really ought to be size_t rather than int. Fix it.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
e2fsck/e2fsck.h | 2 +-
e2fsck/util.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/e2fsck/e2fsck.h b/e2fsck/e2fsck.h
index feb605c7..7e0895c2 100644
--- a/e2fsck/e2fsck.h
+++ b/e2fsck/e2fsck.h
@@ -608,7 +608,7 @@ extern void log_err(e2fsck_t ctx, const char *fmt, ...)
extern void e2fsck_read_bitmaps(e2fsck_t ctx);
extern void e2fsck_write_bitmaps(e2fsck_t ctx);
extern void preenhalt(e2fsck_t ctx);
-extern char *string_copy(e2fsck_t ctx, const char *str, int len);
+extern char *string_copy(e2fsck_t ctx, const char *str, size_t len);
extern int fs_proc_check(const char *fs_name);
extern int check_for_modules(const char *fs_name);
#ifdef RESOURCE_TRACK
diff --git a/e2fsck/util.c b/e2fsck/util.c
index d98b8e47..88e0ea8a 100644
--- a/e2fsck/util.c
+++ b/e2fsck/util.c
@@ -135,7 +135,7 @@ void *e2fsck_allocate_memory(e2fsck_t ctx, unsigned long size,
}
char *string_copy(e2fsck_t ctx EXT2FS_ATTR((unused)),
- const char *str, int len)
+ const char *str, size_t len)
{
char *ret;
--
2.35.1

View File

@ -1,38 +0,0 @@
From 1a97380b1cc4d167697e31e5fb663e805629c1ab Mon Sep 17 00:00:00 2001
From: Artem Blagodarenko <artem.blagodarenko@gmail.com>
Date: Thu, 22 Apr 2021 01:24:48 -0400
Subject: [PATCH 25/46] e2image: fix overflow in l2 table processing
Content-Type: text/plain
For a large partition during e2image capture process
it is possible to overflow offset at multiply operation.
This leads to the situation when data is written to the
position at the start of the image instead of the image end.
Let's use the right cast to avoid integer overflow.
Signed-off-by: Alexey Lyashkov <c17817@cray.com>
Signed-off-by: Artem Blagodarenko <c17828@cray.com>
HPE-bug-id: LUS-9368
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/qcow2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ext2fs/qcow2.c b/lib/ext2fs/qcow2.c
index ee701f7a..20824170 100644
--- a/lib/ext2fs/qcow2.c
+++ b/lib/ext2fs/qcow2.c
@@ -238,7 +238,7 @@ int qcow2_write_raw_image(int qcow2_fd, int raw_fd,
if (offset == 0)
continue;
- off_out = (l1_index * img.l2_size) +
+ off_out = ((__u64)l1_index * img.l2_size) +
l2_index;
off_out <<= img.cluster_bits;
ret = qcow2_copy_data(qcow2_fd, raw_fd, offset,
--
2.35.1

View File

@ -1,34 +0,0 @@
From c0a66f76f9c5b2ed0c2f20d1b59b4715f10a60f7 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 30 Jun 2021 16:27:24 +0800
Subject: [PATCH 33/46] ext2ed: fix potential NULL pointer dereference in
dupstr()
Content-Type: text/plain
In dupstr(), we should check return value of malloc().
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Reviewed-by: Wu Bo <wubo40@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
ext2ed/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ext2ed/main.c b/ext2ed/main.c
index f7e7d7df..9d33a8e1 100644
--- a/ext2ed/main.c
+++ b/ext2ed/main.c
@@ -524,6 +524,8 @@ char *dupstr (char *src)
char *ptr;
ptr=(char *) malloc (strlen (src)+1);
+ if (!ptr)
+ return NULL;
strcpy (ptr,src);
return (ptr);
}
--
2.35.1

View File

@ -1,54 +0,0 @@
From 381bc5d98b2a8a65b1f559e31e67361a761aefee Mon Sep 17 00:00:00 2001
From: Luis Henriques <lhenriques@suse.de>
Date: Wed, 28 Oct 2020 15:55:50 +0000
Subject: [PATCH 14/46] filefrag: handle invalid st_dev and blksize cases
Content-Type: text/plain
It is possible to crash filefrag with a "Floating point exception" in
two different scenarios:
1. When fstat() returns a device ID set to 0
2. When FIGETBSZ ioctl returns a blocksize of 0
In both scenarios a divide-by-zero will occur in frag_report() because
variable blksize will be set to zero.
I've managed to trigger this crash with an old CephFS kernel client,
using xfstest generic/519. The first scenario has been fixed by kernel
commit 75c9627efb72 ("ceph: map snapid to anonymous bdev ID"). The
second scenario is also fixed with commit 8f97d1e99149 ("vfs: fix
FIGETBSZ ioctl on an overlayfs file").
However, it is desirable to handle these two scenarios gracefully by
checking these conditions explicitly.
Signed-off-by: Luis Henriques <lhenriques@suse.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/filefrag.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/misc/filefrag.c b/misc/filefrag.c
index 032535f3..a5b9bfe9 100644
--- a/misc/filefrag.c
+++ b/misc/filefrag.c
@@ -418,13 +418,13 @@ static int frag_report(const char *filename)
goto out_close;
}
- if (last_device != st.st_dev) {
+ if ((last_device != st.st_dev) || !st.st_dev) {
if (fstatfs(fd, &fsinfo) < 0) {
rc = -errno;
perror("fstatfs");
goto out_close;
}
- if (ioctl(fd, FIGETBSZ, &blksize) < 0)
+ if ((ioctl(fd, FIGETBSZ, &blksize) < 0) || !blksize)
blksize = fsinfo.f_bsize;
if (verbose)
printf("Filesystem type is: %lx\n",
--
2.35.1

View File

@ -1,33 +0,0 @@
From 693c06539f0c168c6edf32d25b4c64835a1e3f31 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 30 Jun 2021 16:27:21 +0800
Subject: [PATCH 32/46] lib/ss/error.c: check return value malloc in ss_name()
Content-Type: text/plain
In ss_name(), we should check return value of malloc(),
otherwise, it may cause a segmentation fault problem.
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ss/error.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/ss/error.c b/lib/ss/error.c
index 8d345a9f..656b71be 100644
--- a/lib/ss/error.c
+++ b/lib/ss/error.c
@@ -42,6 +42,8 @@ char *ss_name(int sci_idx)
(strlen(infop->subsystem_name)+
strlen(infop->current_request)+
4));
+ if (ret_val == (char *)NULL)
+ return ((char *)NULL);
cp = ret_val;
cp1 = infop->subsystem_name;
while (*cp1)
--
2.35.1

View File

@ -1,56 +0,0 @@
From 265fcf9204fd06f574578ebe780f24e62bac2e86 Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Thu, 21 Apr 2022 19:31:48 +0200
Subject: [PATCH 1/2] libext2fs: add sanity check to extent manipulation
Content-Type: text/plain
It is possible to have a corrupted extent tree in such a way that a leaf
node contains zero extents in it. Currently if that happens and we try
to traverse the tree we can end up accessing wrong data, or possibly
even uninitialized memory. Make sure we don't do that.
Additionally make sure that we have a sane number of bytes passed to
memmove() in ext2fs_extent_delete().
Note that e2fsck is currently unable to spot and fix such corruption in
pass1.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reported-by: Nils Bars <nils_bars@t-online.de>
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113
Addresses: CVE-2022-1304
Addresses-Debian-Bug: #1010263
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ext2fs/extent.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c
index ac3dbfec..a1b1905c 100644
--- a/lib/ext2fs/extent.c
+++ b/lib/ext2fs/extent.c
@@ -495,6 +495,10 @@ retry:
ext2fs_le16_to_cpu(eh->eh_entries);
newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max);
+ /* Make sure there is at least one extent present */
+ if (newpath->left <= 0)
+ return EXT2_ET_EXTENT_NO_DOWN;
+
if (path->left > 0) {
ix++;
newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block);
@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags)
cp = path->curr;
+ /* Sanity check before memmove() */
+ if (path->left < 0)
+ return EXT2_ET_EXTENT_LEAF_BAD;
+
if (path->left) {
memmove(cp, cp + sizeof(struct ext3_extent_idx),
path->left * sizeof(struct ext3_extent_idx));
--
2.35.1

View File

@ -1,58 +0,0 @@
From 1aecdcc5c805e5e2114dd14877e9e1771fb519bf Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 16 Jan 2020 19:17:26 -0500
Subject: [PATCH 04/46] libext2fs: don't needlessly byte swap the group
descriptors in ext2fs_flush
Content-Type: text/plain
If the EXT2_FLAG_SUPER_ONLY is set, there's no reason to allocate the
shadow block group descriptors and byte swap the group descriptors.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/closefs.c | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/lib/ext2fs/closefs.c b/lib/ext2fs/closefs.c
index 6814cdc3..69cbdd8c 100644
--- a/lib/ext2fs/closefs.c
+++ b/lib/ext2fs/closefs.c
@@ -331,20 +331,24 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
#ifdef WORDS_BIGENDIAN
retval = EXT2_ET_NO_MEMORY;
retval = ext2fs_get_mem(SUPERBLOCK_SIZE, &super_shadow);
- if (retval)
- goto errout;
- retval = ext2fs_get_array(fs->desc_blocks, fs->blocksize,
- &group_shadow);
if (retval)
goto errout;
memcpy(super_shadow, fs->super, sizeof(struct ext2_super_block));
- memcpy(group_shadow, fs->group_desc, (size_t) fs->blocksize *
- fs->desc_blocks);
-
ext2fs_swap_super(super_shadow);
- for (j = 0; j < fs->group_desc_count; j++) {
- gdp = ext2fs_group_desc(fs, group_shadow, j);
- ext2fs_swap_group_desc2(fs, gdp);
+
+ if (((fs->flags & EXT2_FLAG_SUPER_ONLY) == 0) &&
+ !ext2fs_has_feature_journal_dev(fs->super)) {
+ retval = ext2fs_get_array(fs->desc_blocks, fs->blocksize,
+ &group_shadow);
+ if (retval)
+ goto errout;
+ memcpy(group_shadow, fs->group_desc, (size_t) fs->blocksize *
+ fs->desc_blocks);
+
+ for (j = 0; j < fs->group_desc_count; j++) {
+ gdp = ext2fs_group_desc(fs, group_shadow, j);
+ ext2fs_swap_group_desc2(fs, gdp);
+ }
}
#else
super_shadow = fs->super;
--
2.35.1

View File

@ -1,69 +0,0 @@
From 20a8dbefbc0510430aa7744692221b843b657f62 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 14 Jan 2020 10:58:10 -0500
Subject: [PATCH 02/46] libext2fs: fix crash in ext2fs_image_super_write() on
Big Endian systems
Content-Type: text/plain
This is a similar fix as c9a8c53b17cc ("libext2fs: fix crash in
ext2fs_open2() on Big Endian systems").
Commit e6069a05: ("Teach ext2fs_open2() to honor the
EXT2_FLAG_SUPER_ONLY flag") changed how the function
ext2fs_group_desc() handled a request for a gdp pointer for a group
larger than the number of groups in the file system; it now returns
NULL, instead of returning a pointer beyond the end of the array.
Previously, the ext2fs_imager_super_write() function would swap all of
the block group descriptors in a block, even if they are beyond the
end of the file system. This was OK, since we were not overrunning
the allocated memory, since it was rounded to a block boundary. But
now that ext2fs_group_desc() would return NULL for those gdp, it would
cause ext2fs_open2(), when it was byte swapping the block group
descriptors on Big Endian systems, to dereference a null pointer and
crash.
This commit adds a NULL pointer check to avoid byte swapping those
block group descriptors in a bg descriptor block, but which are beyond
the end of the file system, to address this crash.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reported-by: Anatoly Pugachev <matorola@gmail.com>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/imager.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/ext2fs/imager.c b/lib/ext2fs/imager.c
index b3ede9a8..f8d67d86 100644
--- a/lib/ext2fs/imager.c
+++ b/lib/ext2fs/imager.c
@@ -249,10 +249,10 @@ errcode_t ext2fs_image_super_write(ext2_filsys fs, int fd,
* if needed
*/
groups_per_block = EXT2_DESC_PER_BLOCK(fs->super);
- gdp = (struct ext2_group_desc *) cp;
for (j=0; j < groups_per_block*fs->desc_blocks; j++) {
gdp = ext2fs_group_desc(fs, fs->group_desc, j);
- ext2fs_swap_group_desc2(fs, gdp);
+ if (gdp)
+ ext2fs_swap_group_desc2(fs, gdp);
}
#endif
@@ -261,10 +261,10 @@ errcode_t ext2fs_image_super_write(ext2_filsys fs, int fd,
#ifdef WORDS_BIGENDIAN
groups_per_block = EXT2_DESC_PER_BLOCK(fs->super);
- gdp = (struct ext2_group_desc *) cp;
for (j=0; j < groups_per_block*fs->desc_blocks; j++) {
gdp = ext2fs_group_desc(fs, fs->group_desc, j);
- ext2fs_swap_group_desc2(fs, gdp);
+ if (gdp)
+ ext2fs_swap_group_desc2(fs, gdp);
}
#endif
--
2.35.1

View File

@ -1,59 +0,0 @@
From db2efc9e0a8cdb70afc8dd7c9621da9376da7afb Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 26 Dec 2019 23:19:54 -0500
Subject: [PATCH 01/46] libext2fs: fix crash in ext2fs_open2() on Big Endian
systems
Content-Type: text/plain
Commit e6069a05: ("Teach ext2fs_open2() to honor the
EXT2_FLAG_SUPER_ONLY flag") changed how the function
ext2fs_group_desc() handled a request for a gdp pointer for a group
larger than the number of groups in the file system; it now returns
NULL, instead of returning a pointer beyond the end of the array.
Previously, the ext2fs_open2() function would swap all of the block
group descriptors in a block, even if they are beyond the end of the
file system. This was OK, since we were not overrunning the allocated
memory, since it was rounded to a block boundary. But now that
ext2fs_group_desc() would return NULL for those gdp, it would cause
ext2fs_open2(), when it was byte swapping the block group descriptors
on Big Endian systems, to dereference a null pointer and crash.
This commit adds a NULL pointer check to avoid byte swapping those
block group descriptors in a bg descriptor block, but which are beyond
the end of the file system, to address this crash.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reported-by: Anatoly Pugachev <matorola@gmail.com>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/openfs.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/ext2fs/openfs.c b/lib/ext2fs/openfs.c
index 51b54a44..e457ce1a 100644
--- a/lib/ext2fs/openfs.c
+++ b/lib/ext2fs/openfs.c
@@ -433,7 +433,8 @@ errcode_t ext2fs_open2(const char *name, const char *io_options,
gdp = (struct ext2_group_desc *) dest;
for (j=0; j < groups_per_block*first_meta_bg; j++) {
gdp = ext2fs_group_desc(fs, fs->group_desc, j);
- ext2fs_swap_group_desc2(fs, gdp);
+ if (gdp)
+ ext2fs_swap_group_desc2(fs, gdp);
}
#endif
dest += fs->blocksize*first_meta_bg;
@@ -453,7 +454,8 @@ errcode_t ext2fs_open2(const char *name, const char *io_options,
for (j=0; j < groups_per_block; j++) {
gdp = ext2fs_group_desc(fs, fs->group_desc,
i * groups_per_block + j);
- ext2fs_swap_group_desc2(fs, gdp);
+ if (gdp)
+ ext2fs_swap_group_desc2(fs, gdp);
}
#endif
dest += fs->blocksize;
--
2.35.1

View File

@ -1,36 +0,0 @@
From df34e45c71cff889927a412c6296d02866cdc5cc Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sun, 14 Feb 2021 23:51:45 -0500
Subject: [PATCH 20/46] libext2fs: fix crash when ext2fs_mmp_stop() is called
before MMP is initialized
Content-Type: text/plain
The fatal_error() function in e2fsck can call ext2fs_mmp_stop() on a
file system where MMP hasn't yet been initialized. When that happens,
instead of crashing, have ext2fs_mmp_stop() return success, since mmp
doesn't need to be stopped if it hasn't even been initialized yet.
Addresses-Debian-Bug: #696609
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/mmp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/ext2fs/mmp.c b/lib/ext2fs/mmp.c
index 973b9ecd..eddc66a7 100644
--- a/lib/ext2fs/mmp.c
+++ b/lib/ext2fs/mmp.c
@@ -401,7 +401,8 @@ errcode_t ext2fs_mmp_stop(ext2_filsys fs)
errcode_t retval = 0;
if (!ext2fs_has_feature_mmp(fs->super) ||
- !(fs->flags & EXT2_FLAG_RW) || (fs->flags & EXT2_FLAG_SKIP_MMP))
+ !(fs->flags & EXT2_FLAG_RW) || (fs->flags & EXT2_FLAG_SKIP_MMP) ||
+ (fs->mmp_buf == NULL) || (fs->mmp_cmp == NULL))
goto mmp_error;
retval = ext2fs_mmp_read(fs, fs->super->s_mmp_block, fs->mmp_buf);
--
2.35.1

View File

@ -1,52 +0,0 @@
From c951a12b1594158bb87fbc4d8a89b326c34e711f Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 21 Jan 2021 16:00:01 -0500
Subject: [PATCH 15/46] libext2fs: fix incorrect negative error return in unix
and sparse io managers
Content-Type: text/plain
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/sparse_io.c | 4 ++--
lib/ext2fs/unix_io.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/ext2fs/sparse_io.c b/lib/ext2fs/sparse_io.c
index 5e0e2cd9..f287e76d 100644
--- a/lib/ext2fs/sparse_io.c
+++ b/lib/ext2fs/sparse_io.c
@@ -138,7 +138,7 @@ static errcode_t io_manager_configure(struct sparse_io_params *params,
retval = io_manager_import_sparse(params, sm, io);
if (retval) {
if (!params->block_size || !params->blocks_count) {
- retval = -EINVAL;
+ retval = EINVAL;
goto err_params;
}
sm->block_size = params->block_size;
@@ -229,7 +229,7 @@ static errcode_t read_sparse_argv(const char *name, bool is_fd,
if (ret < 1) {
free(sparse_params->file);
- return -EINVAL;
+ return EINVAL;
}
return 0;
}
diff --git a/lib/ext2fs/unix_io.c b/lib/ext2fs/unix_io.c
index 628e60c3..2bcd435c 100644
--- a/lib/ext2fs/unix_io.c
+++ b/lib/ext2fs/unix_io.c
@@ -733,7 +733,7 @@ static errcode_t unixfd_open(const char *str_fd, int flags,
#if defined(HAVE_FCNTL)
fd_flags = fcntl(fd, F_GETFD);
if (fd_flags == -1)
- return -EBADF;
+ return EBADF;
flags = 0;
if (fd_flags & O_RDWR)
--
2.35.1

View File

@ -1,40 +0,0 @@
From b7466a55e89aa6d6a649734f2b1b24a03390bcef Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Wed, 26 Aug 2020 16:29:29 -0400
Subject: [PATCH 08/46] libext2fs: fix potential buffer overrun in
__get_dirent_tail()
Content-Type: text/plain
If the file system is corrupted, there is a potential of a read-only
buffer overrun. Fortunately, we don't actually use the result of that
pointer dereference, and the overrun is at most 64k.
Google-Bug-Id: #158564737
Fixes: eb88b751745b ("libext2fs: make ext2fs_dirent_has_tail() more strict")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/csum.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/ext2fs/csum.c b/lib/ext2fs/csum.c
index a7172580..2151003b 100644
--- a/lib/ext2fs/csum.c
+++ b/lib/ext2fs/csum.c
@@ -266,12 +266,11 @@ static errcode_t __get_dirent_tail(ext2_filsys fs,
d = dirent;
top = EXT2_DIRENT_TAIL(dirent, fs->blocksize);
- rec_len = translate(d->rec_len);
while ((void *) d < top) {
+ rec_len = translate(d->rec_len);
if ((rec_len < 8) || (rec_len & 0x03))
return EXT2_ET_DIR_CORRUPTED;
d = (struct ext2_dir_entry *)(((char *)d) + rec_len);
- rec_len = translate(d->rec_len);
}
if ((void *)d > ((void *)dirent + fs->blocksize))
--
2.35.1

View File

@ -1,212 +0,0 @@
From 9beb50cd2c05f69f1231eb1f4579d6770ef48359 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sun, 7 Feb 2021 23:21:58 -0500
Subject: [PATCH 18/46] libext2fs: fix segault when setting an xattr with an
unknown prefix
Content-Type: text/plain
Also avoid unnecessary calls to find_ea_index() by caching the short
name and name index in the ext2_attr structure.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/ext_attr.c | 64 +++++++++++++++++++++----------------------
1 file changed, 32 insertions(+), 32 deletions(-)
diff --git a/lib/ext2fs/ext_attr.c b/lib/ext2fs/ext_attr.c
index 871319a5..8a7a17cf 100644
--- a/lib/ext2fs/ext_attr.c
+++ b/lib/ext2fs/ext_attr.c
@@ -293,7 +293,9 @@ errcode_t ext2fs_adjust_ea_refcount(ext2_filsys fs, blk_t blk,
/* Manipulate the contents of extended attribute regions */
struct ext2_xattr {
+ int name_index;
char *name;
+ char *short_name;
void *value;
unsigned int value_len;
ext2_ino_t ea_ino;
@@ -643,29 +645,23 @@ write_xattrs_to_buffer(ext2_filsys fs, struct ext2_xattr *attrs, int count,
struct ext2_xattr *x;
struct ext2_ext_attr_entry *e = entries_start;
char *end = (char *) entries_start + storage_size;
- const char *shortname;
unsigned int value_size;
- int idx, ret;
errcode_t err;
memset(entries_start, 0, storage_size);
for (x = attrs; x < attrs + count; x++) {
- /* Calculate index and shortname position */
- shortname = x->name;
- ret = find_ea_index(x->name, &shortname, &idx);
-
value_size = ((x->value_len + EXT2_EXT_ATTR_PAD - 1) /
EXT2_EXT_ATTR_PAD) * EXT2_EXT_ATTR_PAD;
/* Fill out e appropriately */
- e->e_name_len = strlen(shortname);
- e->e_name_index = (ret ? idx : 0);
+ e->e_name_len = strlen(x->short_name);
+ e->e_name_index = x->name_index;
e->e_value_size = x->value_len;
e->e_value_inum = x->ea_ino;
/* Store name */
- memcpy((char *)e + sizeof(*e), shortname, e->e_name_len);
+ memcpy((char *)e + sizeof(*e), x->short_name, e->e_name_len);
if (x->ea_ino) {
e->e_value_offs = 0;
} else {
@@ -875,6 +871,8 @@ static errcode_t read_xattrs_from_buffer(struct ext2_xattr_handle *handle,
memcpy(x->name + prefix_len,
(char *)entry + sizeof(*entry),
entry->e_name_len);
+ x->short_name = x->name + prefix_len;
+ x->name_index = entry->e_name_index;
/* Check & copy value */
if (!ext2fs_has_feature_ea_inode(handle->fs->super) &&
@@ -1302,7 +1300,8 @@ out:
}
static errcode_t xattr_update_entry(ext2_filsys fs, struct ext2_xattr *x,
- const char *name, const void *value,
+ const char *name, const char *short_name,
+ int index, const void *value,
size_t value_len, int in_inode)
{
ext2_ino_t ea_ino = 0;
@@ -1336,8 +1335,11 @@ static errcode_t xattr_update_entry(ext2_filsys fs, struct ext2_xattr *x,
goto fail;
}
- if (!x->name)
+ if (!x->name) {
x->name = new_name;
+ x->short_name = new_name + (short_name - name);
+ }
+ x->name_index = index;
if (x->value)
ext2fs_free_mem(&x->value);
@@ -1356,31 +1358,27 @@ fail:
}
static int xattr_find_position(struct ext2_xattr *attrs, int count,
- const char *name)
+ const char *shortname, int name_idx)
{
struct ext2_xattr *x;
int i;
- const char *shortname, *x_shortname;
- int name_idx, x_name_idx;
int shortname_len, x_shortname_len;
- find_ea_index(name, &shortname, &name_idx);
shortname_len = strlen(shortname);
for (i = 0, x = attrs; i < count; i++, x++) {
- find_ea_index(x->name, &x_shortname, &x_name_idx);
- if (name_idx < x_name_idx)
+ if (name_idx < x->name_index)
break;
- if (name_idx > x_name_idx)
+ if (name_idx > x->name_index)
continue;
- x_shortname_len = strlen(x_shortname);
+ x_shortname_len = strlen(x->short_name);
if (shortname_len < x_shortname_len)
break;
if (shortname_len > x_shortname_len)
continue;
- if (memcmp(shortname, x_shortname, shortname_len) <= 0)
+ if (memcmp(shortname, x->short_name, shortname_len) <= 0)
break;
}
return i;
@@ -1395,8 +1393,8 @@ static errcode_t xattr_array_update(struct ext2_xattr_handle *h,
struct ext2_xattr tmp;
int add_to_ibody;
int needed;
- int name_len, name_idx;
- const char *shortname;
+ int name_len, name_idx = 0;
+ const char *shortname = name;
int new_idx;
int ret;
@@ -1423,7 +1421,8 @@ static errcode_t xattr_array_update(struct ext2_xattr_handle *h,
/* Update the existing entry. */
ret = xattr_update_entry(h->fs, &h->attrs[old_idx], name,
- value, value_len, in_inode);
+ shortname, name_idx, value,
+ value_len, in_inode);
if (ret)
return ret;
if (h->ibody_count <= old_idx) {
@@ -1451,7 +1450,8 @@ static errcode_t xattr_array_update(struct ext2_xattr_handle *h,
if (old_idx >= 0) {
/* Update the existing entry. */
ret = xattr_update_entry(h->fs, &h->attrs[old_idx], name,
- value, value_len, in_inode);
+ shortname, name_idx, value,
+ value_len, in_inode);
if (ret)
return ret;
if (old_idx < h->ibody_count) {
@@ -1460,7 +1460,8 @@ static errcode_t xattr_array_update(struct ext2_xattr_handle *h,
* entries in the block are sorted.
*/
new_idx = xattr_find_position(h->attrs + h->ibody_count,
- h->count - h->ibody_count, name);
+ h->count - h->ibody_count,
+ shortname, name_idx);
new_idx += h->ibody_count - 1;
tmp = h->attrs[old_idx];
memmove(h->attrs + old_idx, h->attrs + old_idx + 1,
@@ -1472,7 +1473,8 @@ static errcode_t xattr_array_update(struct ext2_xattr_handle *h,
}
new_idx = xattr_find_position(h->attrs + h->ibody_count,
- h->count - h->ibody_count, name);
+ h->count - h->ibody_count,
+ shortname, name_idx);
new_idx += h->ibody_count;
add_to_ibody = 0;
@@ -1483,8 +1485,8 @@ add_new:
return ret;
}
- ret = xattr_update_entry(h->fs, &h->attrs[h->count], name, value,
- value_len, in_inode);
+ ret = xattr_update_entry(h->fs, &h->attrs[h->count], name, shortname,
+ name_idx, value, value_len, in_inode);
if (ret)
return ret;
@@ -1502,12 +1504,10 @@ static int space_used(struct ext2_xattr *attrs, int count)
{
int total = 0;
struct ext2_xattr *x;
- const char *shortname;
- int i, len, name_idx;
+ int i, len;
for (i = 0, x = attrs; i < count; i++, x++) {
- find_ea_index(x->name, &shortname, &name_idx);
- len = strlen(shortname);
+ len = strlen(x->short_name);
total += EXT2_EXT_ATTR_LEN(len);
if (!x->ea_ino)
total += EXT2_EXT_ATTR_SIZE(x->value_len);
--
2.35.1

View File

@ -1,39 +0,0 @@
From 92d055879d510a1a51315301ea788445cd11aacb Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 6 Aug 2021 11:58:16 +0200
Subject: [PATCH 40/46] libext2fs: fix unexpected NULL variable
Content-Type: text/plain
The ext2fs_check_mount_point() function can be called with mtpt being
NULL as for example from ext2fs_check_if_mounted(). However in the
is_swap_device condition we use the mtpt in strncpy without checking
whether it is non-null first.
This should not be a problem on linux since the previous attempt to open
the device exclusively would have prevented us from ever reaching the
problematic strncpy. However it's still a bug and can cause problems on
other systems, fix it by conditioning strncpy on mtpt not being null.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ext2fs/ismounted.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/ext2fs/ismounted.c b/lib/ext2fs/ismounted.c
index 46d330d9..c28475d4 100644
--- a/lib/ext2fs/ismounted.c
+++ b/lib/ext2fs/ismounted.c
@@ -393,7 +393,8 @@ errcode_t ext2fs_check_mount_point(const char *device, int *mount_flags,
if (is_swap_device(device)) {
*mount_flags = EXT2_MF_MOUNTED | EXT2_MF_SWAP;
- strncpy(mtpt, "<swap>", mtlen);
+ if (mtpt)
+ strncpy(mtpt, "<swap>", mtlen);
} else {
#ifdef HAVE_SETMNTENT
retval = check_mntent(device, mount_flags, mtpt, mtlen);
--
2.35.1

View File

@ -1,118 +0,0 @@
From 1a95588e8090a2ac6cab364e5a24be219f50710b Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 6 Aug 2021 11:58:17 +0200
Subject: [PATCH 41/46] libext2fs: remove augmented rbtree functionality
Content-Type: text/plain
Rbtree code was originally taken from linux kernel. This includes the
augmented rbtree functionality, however this was never intended to be
used and is not used still. Just remove it.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ext2fs/rbtree.c | 68 ---------------------------------------------
lib/ext2fs/rbtree.h | 8 ------
2 files changed, 76 deletions(-)
diff --git a/lib/ext2fs/rbtree.c b/lib/ext2fs/rbtree.c
index 5b92099d..74426fa6 100644
--- a/lib/ext2fs/rbtree.c
+++ b/lib/ext2fs/rbtree.c
@@ -280,74 +280,6 @@ void ext2fs_rb_erase(struct rb_node *node, struct rb_root *root)
__rb_erase_color(child, parent, root);
}
-static void ext2fs_rb_augment_path(struct rb_node *node, rb_augment_f func, void *data)
-{
- struct rb_node *parent;
-
-up:
- func(node, data);
- parent = ext2fs_rb_parent(node);
- if (!parent)
- return;
-
- if (node == parent->rb_left && parent->rb_right)
- func(parent->rb_right, data);
- else if (parent->rb_left)
- func(parent->rb_left, data);
-
- node = parent;
- goto up;
-}
-
-/*
- * after inserting @node into the tree, update the tree to account for
- * both the new entry and any damage done by rebalance
- */
-void ext2fs_rb_augment_insert(struct rb_node *node, rb_augment_f func, void *data)
-{
- if (node->rb_left)
- node = node->rb_left;
- else if (node->rb_right)
- node = node->rb_right;
-
- ext2fs_rb_augment_path(node, func, data);
-}
-
-/*
- * before removing the node, find the deepest node on the rebalance path
- * that will still be there after @node gets removed
- */
-struct rb_node *ext2fs_rb_augment_erase_begin(struct rb_node *node)
-{
- struct rb_node *deepest;
-
- if (!node->rb_right && !node->rb_left)
- deepest = ext2fs_rb_parent(node);
- else if (!node->rb_right)
- deepest = node->rb_left;
- else if (!node->rb_left)
- deepest = node->rb_right;
- else {
- deepest = ext2fs_rb_next(node);
- if (deepest->rb_right)
- deepest = deepest->rb_right;
- else if (ext2fs_rb_parent(deepest) != node)
- deepest = ext2fs_rb_parent(deepest);
- }
-
- return deepest;
-}
-
-/*
- * after removal, update the tree to account for the removed entry
- * and any rebalance damage.
- */
-void ext2fs_rb_augment_erase_end(struct rb_node *node, rb_augment_f func, void *data)
-{
- if (node)
- ext2fs_rb_augment_path(node, func, data);
-}
-
/*
* This function returns the first node (in sort order) of the tree.
*/
diff --git a/lib/ext2fs/rbtree.h b/lib/ext2fs/rbtree.h
index 9e806779..a4eb35ae 100644
--- a/lib/ext2fs/rbtree.h
+++ b/lib/ext2fs/rbtree.h
@@ -161,14 +161,6 @@ static inline void ext2fs_rb_clear_node(struct rb_node *node)
extern void ext2fs_rb_insert_color(struct rb_node *, struct rb_root *);
extern void ext2fs_rb_erase(struct rb_node *, struct rb_root *);
-typedef void (*rb_augment_f)(struct rb_node *node, void *data);
-
-extern void ext2fs_rb_augment_insert(struct rb_node *node,
- rb_augment_f func, void *data);
-extern struct rb_node *ext2fs_rb_augment_erase_begin(struct rb_node *node);
-extern void ext2fs_rb_augment_erase_end(struct rb_node *node,
- rb_augment_f func, void *data);
-
/* Find logical next and previous nodes in a tree */
extern struct rb_node *ext2fs_rb_next(struct rb_node *);
extern struct rb_node *ext2fs_rb_prev(struct rb_node *);
--
2.35.1

View File

@ -1,35 +0,0 @@
From 4b74f91ad7480d71853ae1170d065917afc426a2 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 16 Jan 2020 18:56:49 -0500
Subject: [PATCH 03/46] libext2fs: teach ext2fs_flush() to check if group
descriptors are loaded
Content-Type: text/plain
If the EXT2_FLAG_SUPER_ONLY is not set, and the group descriptors are
not loaded, ext2fs_flush[2]() will return EXT2_ET_NO_GDESC.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/closefs.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/ext2fs/closefs.c b/lib/ext2fs/closefs.c
index 1d4d5b7f..6814cdc3 100644
--- a/lib/ext2fs/closefs.c
+++ b/lib/ext2fs/closefs.c
@@ -293,6 +293,11 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
+ if ((fs->flags & EXT2_FLAG_SUPER_ONLY) == 0 &&
+ !ext2fs_has_feature_journal_dev(fs->super) &&
+ fs->group_desc == NULL)
+ return EXT2_ET_NO_GDESC;
+
fs_state = fs->super->s_state;
feature_incompat = fs->super->s_feature_incompat;
--
2.35.1

View File

@ -1,42 +0,0 @@
From 91a846631015734d322d11e3b8ff82d650ab7a8e Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 6 Aug 2021 11:58:19 +0200
Subject: [PATCH 43/46] libss: Add missing error handling for fdopen()
Content-Type: text/plain
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ss/list_rqs.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/lib/ss/list_rqs.c b/lib/ss/list_rqs.c
index 021a3835..89e37bb2 100644
--- a/lib/ss/list_rqs.c
+++ b/lib/ss/list_rqs.c
@@ -12,6 +12,9 @@
*/
#include "config.h"
#include "ss_internal.h"
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
#include <signal.h>
#include <setjmp.h>
#include <sys/wait.h>
@@ -46,6 +49,12 @@ void ss_list_requests(int argc __SS_ATTR((unused)),
return;
}
output = fdopen(fd, "w");
+ if (!output) {
+ perror("fdopen");
+ close(fd);
+ (void) signal(SIGINT, func);
+ return;
+ }
sigprocmask(SIG_SETMASK, &omask, (sigset_t *) 0);
fprintf (output, "Available %s requests:\n\n",
--
2.35.1

View File

@ -1,36 +0,0 @@
From 422643f4758b0a0345d84b2d19312269472e2a00 Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Thu, 17 Feb 2022 10:24:59 +0100
Subject: [PATCH 2/2] libss: fix possible NULL pointer dereferece on allocation
failure
Content-Type: text/plain
Currently in ss_execute_command() we're missng a check to see if the
memory allocation was succesful. Fix it by checking the return from
malloc and returning ENOMEM if it had failed.
[ Removed addition of the SS_ET_ENOMEM entry to the the libss error
table. -TYT ]
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ss/execute_cmd.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/ss/execute_cmd.c b/lib/ss/execute_cmd.c
index d443a468..2e2c8cfa 100644
--- a/lib/ss/execute_cmd.c
+++ b/lib/ss/execute_cmd.c
@@ -171,6 +171,8 @@ int ss_execute_command(int sci_idx, register char *argv[])
for (argp = argv; *argp; argp++)
argc++;
argp = (char **)malloc((argc+1)*sizeof(char *));
+ if (!argp)
+ return(ENOMEM);
for (i = 0; i <= argc; i++)
argp[i] = argv[i];
i = really_execute_command(sci_idx, argc, &argp);
--
2.35.1

View File

@ -1,33 +0,0 @@
From 22c751c1ab47277e90f63ac774288f67d2e42c51 Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 6 Aug 2021 11:58:18 +0200
Subject: [PATCH 42/46] libss: handle memory allcation failure in ss_help()
Content-Type: text/plain
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ss/help.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/ss/help.c b/lib/ss/help.c
index 96eb1092..a22b4017 100644
--- a/lib/ss/help.c
+++ b/lib/ss/help.c
@@ -96,7 +96,12 @@ void ss_help(int argc, char const * const *argv, int sci_idx, pointer info_ptr)
}
if (fd < 0) {
#define MSG "No info found for "
- char *buf = malloc(strlen (MSG) + strlen (argv[1]) + 1);
+ char *buf = malloc(strlen (MSG) + strlen (argv[1]) + 1);
+ if (!buf) {
+ ss_perror(sci_idx, 0,
+ "couldn't allocate memory to print error message");
+ return;
+ }
strcpy(buf, MSG);
strcat(buf, argv[1]);
ss_perror(sci_idx, 0, buf);
--
2.35.1

View File

@ -1,66 +0,0 @@
From c976fd2e72678a171693d2b6333c2c499ef4d588 Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Fri, 6 Aug 2021 11:58:20 +0200
Subject: [PATCH 44/46] libsupport: fix potental NULL pointer dereferences in
quota functions
Content-Type: text/plain
get_dq() function can fail when the memory allocation fails and so we
could end up dereferencing NULL pointer. Fix it.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/support/mkquota.c | 8 ++++++--
lib/support/quotaio_tree.c | 2 +-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/lib/support/mkquota.c b/lib/support/mkquota.c
index ef50c9ab..280b1046 100644
--- a/lib/support/mkquota.c
+++ b/lib/support/mkquota.c
@@ -432,7 +432,8 @@ void quota_data_sub(quota_ctx_t qctx, struct ext2_inode_large *inode,
dict = qctx->quota_dict[qtype];
if (dict) {
dq = get_dq(dict, get_qid(inode, qtype));
- dq->dq_dqb.dqb_curspace -= space;
+ if (dq)
+ dq->dq_dqb.dqb_curspace -= space;
}
}
}
@@ -459,7 +460,8 @@ void quota_data_inodes(quota_ctx_t qctx, struct ext2_inode_large *inode,
dict = qctx->quota_dict[qtype];
if (dict) {
dq = get_dq(dict, get_qid(inode, qtype));
- dq->dq_dqb.dqb_curinodes += adjust;
+ if (dq)
+ dq->dq_dqb.dqb_curinodes += adjust;
}
}
}
@@ -532,6 +534,8 @@ static int scan_dquots_callback(struct dquot *dquot, void *cb_data)
struct dquot *dq;
dq = get_dq(quota_dict, dquot->dq_id);
+ if (!dq)
+ return -1;
dq->dq_id = dquot->dq_id;
dq->dq_flags |= DQF_SEEN;
diff --git a/lib/support/quotaio_tree.c b/lib/support/quotaio_tree.c
index 6cc4fb5b..5910e637 100644
--- a/lib/support/quotaio_tree.c
+++ b/lib/support/quotaio_tree.c
@@ -601,7 +601,7 @@ static int report_tree(struct dquot *dquot, unsigned int blk, int depth,
__le32 *ref = (__le32 *) buf;
if (!buf)
- return 0;
+ return -1;
read_blk(dquot->dq_h, blk, buf);
if (depth == QT_TREEDEPTH - 1) {
--
2.35.1

View File

@ -1,36 +0,0 @@
From 18850fa92c398f4a60827dd5da020f9af0822424 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 28 Jul 2021 09:56:48 +0800
Subject: [PATCH 37/46] lsattr: check whether path is NULL in lsattr_dir_proc()
Content-Type: text/plain
In lsattr_dir_proc(), if malloc() return NULL, it will cause
a segmentation fault problem.
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/lsattr.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/misc/lsattr.c b/misc/lsattr.c
index 0d954376..55080e92 100644
--- a/misc/lsattr.c
+++ b/misc/lsattr.c
@@ -144,6 +144,11 @@ static int lsattr_dir_proc (const char * dir_name, struct dirent * de,
int dir_len = strlen(dir_name);
path = malloc(dir_len + strlen (de->d_name) + 2);
+ if (!path) {
+ fputs(_("Couldn't allocate path variable in lsattr_dir_proc\n"),
+ stderr);
+ return -1;
+ }
if (dir_len && dir_name[dir_len-1] == '/')
sprintf (path, "%s%s", dir_name, de->d_name);
--
2.35.1

View File

@ -1,35 +0,0 @@
From 4a92545b8711df405dc804236d66386780696ce1 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 30 Jun 2021 16:27:20 +0800
Subject: [PATCH 31/46] misc: fix potential segmentation fault problem in
scandir()
Content-Type: text/plain
In scandir(), temp_list[num_dent] is allocated by calling
malloc(), we should check whether malloc() returns NULL before
accessing temp_list[num_dent].
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/create_inode.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/misc/create_inode.c b/misc/create_inode.c
index 6f8487b9..38f37beb 100644
--- a/misc/create_inode.c
+++ b/misc/create_inode.c
@@ -752,6 +752,8 @@ static int scandir(const char *dir_name, struct dirent ***name_list,
}
// add the copy of dirent to the list
temp_list[num_dent] = (struct dirent*)malloc((dent->d_reclen + 3) & ~3);
+ if (!temp_list[num_dent])
+ goto out;
memcpy(temp_list[num_dent], dent, dent->d_reclen);
num_dent++;
}
--
2.35.1

View File

@ -1,84 +0,0 @@
From d74f2e031418fb877c97c86a9c6b58eb30a4592c Mon Sep 17 00:00:00 2001
From: Hongxu Jia <hongxu.jia@windriver.com>
Date: Tue, 21 Jul 2020 18:25:03 -0700
Subject: [PATCH 10/46] mke2fs: fix up check for hardlinks always false if
inode > 0xFFFFFFFF
Content-Type: text/plain
While file has a large inode number (> 0xFFFFFFFF), mkfs.ext4 could
not parse hardlink correctly.
Prepare three hardlink files for mkfs.ext4
$ ls -il rootfs_ota/a rootfs_ota/boot/b rootfs_ota/boot/c
11026675846 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 rootfs_ota/a
11026675846 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 rootfs_ota/boot/b
11026675846 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 rootfs_ota/boot/c
$ truncate -s 1M rootfs_ota.ext4
$ mkfs.ext4 -F -i 8192 rootfs_ota.ext4 -L otaroot -U fd5f8768-c779-4dc9-adde-165a3d863349 -d rootfs_ota
$ mkdir mnt && sudo mount rootfs_ota.ext4 mnt
$ ls -il mnt/a mnt/boot/b mnt/boot/c
12 -rw-r--r-- 1 hjia users 0 Jul 20 17:44 mnt/a
14 -rw-r--r-- 1 hjia users 0 Jul 20 17:44 mnt/boot/b
15 -rw-r--r-- 1 hjia users 0 Jul 20 17:44 mnt/boot/c
After applying this fix
$ ls -il mnt/a mnt/boot/b mnt/boot/c
12 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 mnt/a
12 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 mnt/boot/b
12 -rw-r--r-- 3 hjia users 0 Jul 20 17:44 mnt/boot/c
Since commit [382ed4a1 e2fsck: use proper types for variables][1]
applied, it used ext2_ino_t instead of ino_t for referencing inode
numbers, but the type of is_hardlink's `ino' should not be instead,
The ext2_ino_t is 32bit, if inode > 0xFFFFFFFF, its value will be
truncated.
Add a debug printf to show the value of inode, when it check for hardlink
files, it will always return false if inode > 0xFFFFFFFF
|--- a/misc/create_inode.c
|+++ b/misc/create_inode.c
|@@ -605,6 +605,7 @@ static int is_hardlink(struct hdlinks_s *hdlinks, dev_t dev, ext2_ino_t ino)
| {
| int i;
|
|+ printf("%s %d, %lX, %lX\n", __FUNCTION__, __LINE__, hdlinks->hdl[i].src_ino, ino);
| for (i = 0; i < hdlinks->count; i++) {
| if (hdlinks->hdl[i].src_dev == dev &&
| hdlinks->hdl[i].src_ino == ino)
Here is debug message:
is_hardlink 608, 2913DB886, 913DB886
The length of ext2_ino_t is 32bit (typedef __u32 __bitwise ext2_ino_t;),
and ino_t is 64bit on 64bit system (such as x86-64), recover `ino' to ino_t.
[1] https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=382ed4a1c2b60acb9db7631e86dda207bde6076e
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/create_inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/misc/create_inode.c b/misc/create_inode.c
index e8d1df6b..837f3875 100644
--- a/misc/create_inode.c
+++ b/misc/create_inode.c
@@ -601,7 +601,7 @@ out:
return err;
}
-static int is_hardlink(struct hdlinks_s *hdlinks, dev_t dev, ext2_ino_t ino)
+static int is_hardlink(struct hdlinks_s *hdlinks, dev_t dev, ino_t ino)
{
int i;
--
2.35.1

View File

@ -1,57 +0,0 @@
From 2831f4202dd1bec289a9a3459d553fcffda0f280 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sun, 18 Jul 2021 09:15:28 -0400
Subject: [PATCH 34/46] mke2fs: only try discarding a single block to test if
discard works
Content-Type: text/plain
Commit d2bfdc7ff15c ("Use punch hole as "discard" on regular files")
added a test to see if the storage device actually supports discard.
The intent was to try discarding the first block but since
io_channel_discard() interprets the offset and count arguments in
blocks, and not bytes, mke2fs was actually discarding the first 16
megabytes (when the block size is 4k). This is normally not a
problem, since most file systems are larger than that, and requests to
discard beyond the end of the block device are ignored.
However, when creating a small file system as part of a image
containing multiple partitions, the initial test discard can end up
discarding data beyond the file system being created.
Addresses-Debian-Bug: #989630
Reported-by: Josh Triplett <josh@joshtriplett.org>
Fixes: d2bfdc7ff15c ("Use punch hole as "discard" on regular files")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/mke2fs.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/misc/mke2fs.c b/misc/mke2fs.c
index 389d0981..b2bb2847 100644
--- a/misc/mke2fs.c
+++ b/misc/mke2fs.c
@@ -2768,7 +2768,7 @@ static int mke2fs_discard_device(ext2_filsys fs)
struct ext2fs_numeric_progress_struct progress;
blk64_t blocks = ext2fs_blocks_count(fs->super);
blk64_t count = DISCARD_STEP_MB;
- blk64_t cur;
+ blk64_t cur = 0;
int retval = 0;
/*
@@ -2776,10 +2776,9 @@ static int mke2fs_discard_device(ext2_filsys fs)
* we do not print numeric progress resulting in failure
* afterwards.
*/
- retval = io_channel_discard(fs->io, 0, fs->blocksize);
+ retval = io_channel_discard(fs->io, 0, 1);
if (retval)
return retval;
- cur = fs->blocksize;
count *= (1024 * 1024);
count /= fs->blocksize;
--
2.35.1

View File

@ -1,68 +0,0 @@
From d80424f5ceaa3a7a8ce7dbf6bacca32f2f05fdeb Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Thu, 18 Feb 2021 10:51:46 +0100
Subject: [PATCH 23/46] mmp: do not use O_DIRECT when working with regular file
Content-Type: text/plain
Currently the mmp block is read using O_DIRECT to avoid any caching that
may be done by the VM. However when working with regular files this
creates alignment issues when the device of the host file system has
sector size larger than the blocksize of the file system in the file
we're working with.
This can be reproduced with t_mmp_fail test when run on the device with
4k sector size because the mke2fs fails when trying to read the mmp
block.
Fix it by disabling O_DIRECT when working with regular files. I don't
think there is any risk of doing so since the file system layer, unlike
shared block device, should guarantee cache consistency.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
lib/ext2fs/mmp.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/lib/ext2fs/mmp.c b/lib/ext2fs/mmp.c
index eddc66a7..626fe395 100644
--- a/lib/ext2fs/mmp.c
+++ b/lib/ext2fs/mmp.c
@@ -57,21 +57,21 @@ errcode_t ext2fs_mmp_read(ext2_filsys fs, blk64_t mmp_blk, void *buf)
* regardless of how the io_manager is doing reads, to avoid caching of
* the MMP block by the io_manager or the VM. It needs to be fresh. */
if (fs->mmp_fd <= 0) {
+ struct stat st;
int flags = O_RDWR | O_DIRECT;
-retry:
+ /*
+ * There is no reason for using O_DIRECT if we're working with
+ * regular file. Disabling it also avoids problems with
+ * alignment when the device of the host file system has sector
+ * size larger than blocksize of the fs we're working with.
+ */
+ if (stat(fs->device_name, &st) == 0 &&
+ S_ISREG(st.st_mode))
+ flags &= ~O_DIRECT;
+
fs->mmp_fd = open(fs->device_name, flags);
if (fs->mmp_fd < 0) {
- struct stat st;
-
- /* Avoid O_DIRECT for filesystem image files if open
- * fails, since it breaks when running on tmpfs. */
- if (errno == EINVAL && (flags & O_DIRECT) &&
- stat(fs->device_name, &st) == 0 &&
- S_ISREG(st.st_mode)) {
- flags &= ~O_DIRECT;
- goto retry;
- }
retval = EXT2_ET_MMP_OPEN_DIRECT;
goto out;
}
--
2.35.1

View File

@ -1,39 +0,0 @@
From 7c9b477d25a81ef736a832d66793a75860394d6f Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Mon, 12 Jul 2021 17:43:08 +0200
Subject: [PATCH 39/46] quota: Do not account space used by project quota file
to quota
Content-Type: text/plain
Project quota files have high inode numbers but are not accounted in
quota usage. Do not track them when computing quota usage.
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/support/mkquota.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/lib/support/mkquota.c b/lib/support/mkquota.c
index 6f7ae6d6..ef50c9ab 100644
--- a/lib/support/mkquota.c
+++ b/lib/support/mkquota.c
@@ -500,9 +500,11 @@ errcode_t quota_compute_usage(quota_ctx_t qctx)
}
if (ino == 0)
break;
- if (inode->i_links_count &&
- (ino == EXT2_ROOT_INO ||
- ino >= EXT2_FIRST_INODE(fs->super))) {
+ if (!inode->i_links_count)
+ continue;
+ if (ino == EXT2_ROOT_INO ||
+ (ino >= EXT2_FIRST_INODE(fs->super) &&
+ ino != quota_type2inum(PRJQUOTA, fs->super))) {
space = ext2fs_get_stat_i_blocks(fs,
EXT2_INODE(inode)) << 9;
quota_data_add(qctx, inode, ino, space);
--
2.35.1

View File

@ -1,41 +0,0 @@
From a7a6126b94b9b6b0f88b5a5cc90d069974c89901 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sat, 6 Mar 2021 23:08:12 -0500
Subject: [PATCH 24/46] resize2fs: avoid allocating over the MMP block
Content-Type: text/plain
When resizing past the point where the reserve inode has reserved
space for the block group descriptors to expand, and resize2fs (in an
offline resize) needs to move the allocation bitmaps and/or inode
table around, it's possible for resize2fs to allocate over the MMP
block, which would be bad.
Prevent this from happening by reserving the MMP block as a file
system metadata block (which it is) in resize2fs's accounting.
Addresses-Debian-Bug: #984472
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
resize/resize2fs.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/resize/resize2fs.c b/resize/resize2fs.c
index 26050fec..e8401e79 100644
--- a/resize/resize2fs.c
+++ b/resize/resize2fs.c
@@ -1176,6 +1176,11 @@ static errcode_t mark_table_blocks(ext2_filsys fs,
if (blk)
ext2fs_mark_block_bitmap2(bmap, blk);
}
+ /* Reserve the MMP block */
+ if (ext2fs_has_feature_mmp(fs->super) &&
+ fs->super->s_mmp_block > fs->super->s_first_data_block &&
+ fs->super->s_mmp_block < ext2fs_blocks_count(fs->super))
+ ext2fs_mark_block_bitmap2(bmap, fs->super->s_mmp_block);
return 0;
}
--
2.35.1

View File

@ -1,59 +0,0 @@
From 742255d914bf06fa8e8a3f048aae2c738657af52 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Fri, 2 Oct 2020 14:47:25 -0400
Subject: [PATCH 11/46] resize2fs: prevent block group descriptors from
overflowing the first bg
Content-Type: text/plain
For 1k block file systems, resizing a file system larger than
1073610752 blocks will result in the size of the block group
descriptors to be so large that it will overlap with the backup
superblock in block group #1. This problem can be reproduced via:
mke2fs -t ext4 /tmp/foo.img 200M
resize2fs /tmp/foo.img 1T
e2fsck -f /tmp/foo.img
https://github.com/tytso/e2fsprogs/issues/50
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
resize/main.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/resize/main.c b/resize/main.c
index a0c31c06..5e771d2a 100644
--- a/resize/main.c
+++ b/resize/main.c
@@ -269,6 +269,8 @@ int main (int argc, char ** argv)
long sysval;
int len, mount_flags;
char *mtpt, *undo_file = NULL;
+ dgrp_t new_group_desc_count;
+ unsigned long new_desc_blocks;
#ifdef ENABLE_NLS
setlocale(LC_MESSAGES, "");
@@ -528,6 +530,18 @@ int main (int argc, char ** argv)
exit(1);
}
}
+ new_group_desc_count = ext2fs_div64_ceil(new_size -
+ fs->super->s_first_data_block,
+ EXT2_BLOCKS_PER_GROUP(fs->super));
+ new_desc_blocks = ext2fs_div_ceil(new_group_desc_count,
+ EXT2_DESC_PER_BLOCK(fs->super));
+ if ((new_desc_blocks + fs->super->s_first_data_block) >
+ EXT2_BLOCKS_PER_GROUP(fs->super)) {
+ com_err(program_name, 0,
+ _("New size results in too many block group "
+ "descriptors.\n"));
+ exit(1);
+ }
if (!force && new_size < min_size) {
com_err(program_name, 0,
--
2.35.1

View File

@ -1,48 +0,0 @@
From 7fa914a178bbda39e3ed75326e18b183784fd57e Mon Sep 17 00:00:00 2001
From: Wu Guanghao <wuguanghao3@huawei.com>
Date: Wed, 28 Jul 2021 09:56:45 +0800
Subject: [PATCH 35/46] ss_add_info_dir: fix error handling when memory
allocation fails
Content-Type: text/plain
If the realloc() and malloc() calls fail, avoid a memory leak as well
as a potential seg fault.
[ Fix error code setting to avoid depending on malloc() and realloc()
setting errno. -- TYT ]
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Reviewed-by: Wu Bo <wubo40@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ss/help.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/lib/ss/help.c b/lib/ss/help.c
index 5204401b..96eb1092 100644
--- a/lib/ss/help.c
+++ b/lib/ss/help.c
@@ -148,13 +148,16 @@ void ss_add_info_dir(int sci_idx, char *info_dir, int *code_ptr)
dirs = (char **)realloc((char *)dirs,
(unsigned)(n_dirs + 2)*sizeof(char *));
if (dirs == (char **)NULL) {
- info->info_dirs = (char **)NULL;
- *code_ptr = errno;
+ *code_ptr = ENOMEM;
return;
}
info->info_dirs = dirs;
dirs[n_dirs + 1] = (char *)NULL;
dirs[n_dirs] = malloc((unsigned)strlen(info_dir)+1);
+ if (dirs[n_dirs] == (char *)NULL) {
+ *code_ptr = ENOMEM;
+ return;
+ }
strcpy(dirs[n_dirs], info_dir);
*code_ptr = 0;
}
--
2.35.1

View File

@ -1,112 +0,0 @@
From e46e4a8c3c298ec05092008966072d73437c9728 Mon Sep 17 00:00:00 2001
From: Wu Guanghao <wuguanghao3@huawei.com>
Date: Wed, 28 Jul 2021 09:56:46 +0800
Subject: [PATCH 36/46] ss_create_invocation: fix error handling when memory
allocation fails
Content-Type: text/plain
In ss_create_invocation(), it is necessary to check whether
returned by malloc is a null pointer.
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ss/invocation.c | 42 +++++++++++++++++++++++++++++++++---------
1 file changed, 33 insertions(+), 9 deletions(-)
diff --git a/lib/ss/invocation.c b/lib/ss/invocation.c
index 457e7a2c..bf5ea0ce 100644
--- a/lib/ss/invocation.c
+++ b/lib/ss/invocation.c
@@ -26,29 +26,33 @@ int ss_create_invocation(const char *subsystem_name, const char *version_string,
void *info_ptr, ss_request_table *request_table_ptr,
int *code_ptr)
{
- register int sci_idx;
- register ss_data *new_table;
- register ss_data **table;
+ int sci_idx;
+ ss_data *new_table = NULL;
+ ss_data **table = NULL;
+ ss_data **realloc_table = NULL;
*code_ptr = 0;
table = _ss_table;
new_table = (ss_data *) malloc(sizeof(ss_data));
+ if (!new_table)
+ goto out;
if (table == (ss_data **) NULL) {
table = (ss_data **) malloc(2 * size);
+ if (!table)
+ goto out;
table[0] = table[1] = (ss_data *)NULL;
}
initialize_ss_error_table ();
for (sci_idx = 1; table[sci_idx] != (ss_data *)NULL; sci_idx++)
;
- table = (ss_data **) realloc((char *)table,
+ realloc_table = (ss_data **) realloc((char *)table,
((unsigned)sci_idx+2)*size);
- if (table == NULL) {
- *code_ptr = ENOMEM;
- free(new_table);
- return 0;
- }
+ if (realloc_table == NULL)
+ goto out;
+
+ table = realloc_table;
table[sci_idx+1] = (ss_data *) NULL;
table[sci_idx] = new_table;
@@ -57,9 +61,15 @@ int ss_create_invocation(const char *subsystem_name, const char *version_string,
new_table->argv = (char **)NULL;
new_table->current_request = (char *)NULL;
new_table->info_dirs = (char **)malloc(sizeof(char *));
+ if (!new_table->info_dirs)
+ goto out;
+
*new_table->info_dirs = (char *)NULL;
new_table->info_ptr = info_ptr;
new_table->prompt = malloc((unsigned)strlen(subsystem_name)+4);
+ if (!new_table->prompt)
+ goto out;
+
strcpy(new_table->prompt, subsystem_name);
strcat(new_table->prompt, ": ");
#ifdef silly
@@ -71,6 +81,9 @@ int ss_create_invocation(const char *subsystem_name, const char *version_string,
new_table->flags.abbrevs_disabled = 0;
new_table->rqt_tables =
(ss_request_table **) calloc(2, sizeof(ss_request_table *));
+ if (!new_table->rqt_tables)
+ goto out;
+
*(new_table->rqt_tables) = request_table_ptr;
*(new_table->rqt_tables+1) = (ss_request_table *) NULL;
@@ -85,6 +98,17 @@ int ss_create_invocation(const char *subsystem_name, const char *version_string,
ss_get_readline(sci_idx);
#endif
return(sci_idx);
+
+out:
+ if (new_table) {
+ free(new_table->prompt);
+ free(new_table->info_dirs);
+ }
+ free(new_table);
+ free(table);
+ *code_ptr = ENOMEM;
+ return 0;
+
}
void
--
2.35.1

View File

@ -1,30 +0,0 @@
From 1f70da1ff20ed99f2a3ac26a61a6492279bd44de Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 3 Aug 2021 11:03:34 -0400
Subject: [PATCH 38/46] ss_create_invocation: fix potential unititalized
reference in error path
Content-Type: text/plain
Fixes: eccdde1ff381 ("ss_create_invocation: fix error handling when ...")
Addresses-Coverity-Bug: 1489771
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ss/invocation.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/ss/invocation.c b/lib/ss/invocation.c
index bf5ea0ce..7d7458a7 100644
--- a/lib/ss/invocation.c
+++ b/lib/ss/invocation.c
@@ -36,6 +36,7 @@ int ss_create_invocation(const char *subsystem_name, const char *version_string,
new_table = (ss_data *) malloc(sizeof(ss_data));
if (!new_table)
goto out;
+ memset(new_table, 0, sizeof(ss_data));
if (table == (ss_data **) NULL) {
table = (ss_data **) malloc(2 * size);
--
2.35.1

View File

@ -1,33 +0,0 @@
From a6f7be73206a27f6b5eb95ed66095d38110560cc Mon Sep 17 00:00:00 2001
From: wuguanghao <wuguanghao3@huawei.com>
Date: Wed, 30 Jun 2021 16:27:14 +0800
Subject: [PATCH 27/46] tdb_transaction_recover: fix memory leak
Content-Type: text/plain
In tdb_transaction_recover(), need free data before return,
otherwise it will cause memory leak.
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Reviewed-by: Wu Bo <wubo40@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
lib/ext2fs/tdb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/ext2fs/tdb.c b/lib/ext2fs/tdb.c
index 5091b128..0fb94815 100644
--- a/lib/ext2fs/tdb.c
+++ b/lib/ext2fs/tdb.c
@@ -2186,6 +2186,7 @@ int tdb_transaction_recover(struct tdb_context *tdb)
rec.data_len, 0) == -1) {
TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to read recovery data\n"));
tdb->ecode = TDB_ERR_IO;
+ free(data);
return -1;
}
--
2.35.1

View File

@ -1,33 +0,0 @@
From 4b2fa25a97e53636dfe216198a1e97266cf0709a Mon Sep 17 00:00:00 2001
From: Lukas Czerner <lczerner@redhat.com>
Date: Thu, 2 Sep 2021 12:58:52 +0200
Subject: [PATCH 46/46] tests: Add option to print diff output of failed tests
Content-Type: text/plain
Add variable $PRINT_FAILED which when set will print the diff output of
a failed test.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
tests/test_one.in | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tests/test_one.in b/tests/test_one.in
index 5d7607ad..78499ad0 100644
--- a/tests/test_one.in
+++ b/tests/test_one.in
@@ -82,6 +82,10 @@ if [ $elapsed -gt 60 -a ! -f $test_dir/is_slow_test ]; then
echo "$test_name: consider adding $test_dir/is_slow_test"
fi
+if [ -n "$PRINT_FAILED" -a -f $test_name.failed ] ; then
+ cat $test_name.failed
+fi
+
if [ "$SKIP_UNLINK" != "true" ] ; then
rm -f $TMPFILE
fi
--
2.35.1

View File

@ -1,284 +0,0 @@
From fb4a6ed596f6a9f6b1c6d3d9307ef8259d988c04 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Thu, 13 Feb 2020 11:16:02 +0100
Subject: [PATCH 06/46] tune2fs: update dir checksums when clearing dir_index
feature
Content-Type: text/plain
When clearing dir_index feature while metadata_csum is enabled, we have
to rewrite checksums of all indexed directories to update checksums of
internal tree nodes.
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/tune2fs.c | 143 ++++++++++++++++++++++++++++++++-----------------
1 file changed, 95 insertions(+), 48 deletions(-)
diff --git a/misc/tune2fs.c b/misc/tune2fs.c
index 39cf8587..a7a779b8 100644
--- a/misc/tune2fs.c
+++ b/misc/tune2fs.c
@@ -504,7 +504,8 @@ struct rewrite_dir_context {
char *buf;
errcode_t errcode;
ext2_ino_t dir;
- int is_htree;
+ int is_htree:1;
+ int clear_htree:1;
};
static int rewrite_dir_block(ext2_filsys fs,
@@ -523,8 +524,13 @@ static int rewrite_dir_block(ext2_filsys fs,
if (ctx->errcode)
return BLOCK_ABORT;
- /* if htree node... */
- if (ctx->is_htree)
+ /*
+ * if htree node... Note that if we are clearing htree structures from
+ * the directory, we treat the htree internal block as an ordinary leaf.
+ * The code below will do the right thing and make space for checksum
+ * there.
+ */
+ if (ctx->is_htree && !ctx->clear_htree)
ext2fs_get_dx_countlimit(fs, (struct ext2_dir_entry *)ctx->buf,
&dcl, &dcl_offset);
if (dcl) {
@@ -653,7 +659,8 @@ static errcode_t rewrite_directory(ext2_filsys fs, ext2_ino_t dir,
if (retval)
return retval;
- ctx.is_htree = (inode->i_flags & EXT2_INDEX_FL);
+ ctx.is_htree = !!(inode->i_flags & EXT2_INDEX_FL);
+ ctx.clear_htree = !ext2fs_has_feature_dir_index(fs->super);
ctx.dir = dir;
ctx.errcode = 0;
retval = ext2fs_block_iterate3(fs, dir, BLOCK_FLAG_READ_ONLY |
@@ -664,6 +671,13 @@ static errcode_t rewrite_directory(ext2_filsys fs, ext2_ino_t dir,
if (retval)
return retval;
+ if (ctx.is_htree && ctx.clear_htree) {
+ inode->i_flags &= ~EXT2_INDEX_FL;
+ retval = ext2fs_write_inode(fs, dir, inode);
+ if (retval)
+ return retval;
+ }
+
return ctx.errcode;
}
@@ -818,28 +832,67 @@ static void rewrite_one_inode(struct rewrite_context *ctx, ext2_ino_t ino,
fatal_err(retval, "while rewriting extended attribute");
}
-/*
- * Forcibly set checksums in all inodes.
- */
-static void rewrite_inodes(ext2_filsys fs)
+#define REWRITE_EA_FL 0x01 /* Rewrite EA inodes */
+#define REWRITE_DIR_FL 0x02 /* Rewrite directories */
+#define REWRITE_NONDIR_FL 0x04 /* Rewrite other inodes */
+#define REWRITE_ALL (REWRITE_EA_FL | REWRITE_DIR_FL | REWRITE_NONDIR_FL)
+
+static void rewrite_inodes_pass(struct rewrite_context *ctx, unsigned int flags)
{
ext2_inode_scan scan;
errcode_t retval;
ext2_ino_t ino;
struct ext2_inode *inode;
- int pass;
+ int rewrite;
+
+ retval = ext2fs_get_mem(ctx->inode_size, &inode);
+ if (retval)
+ fatal_err(retval, "while allocating memory");
+
+ retval = ext2fs_open_inode_scan(ctx->fs, 0, &scan);
+ if (retval)
+ fatal_err(retval, "while opening inode scan");
+
+ do {
+ retval = ext2fs_get_next_inode_full(scan, &ino, inode,
+ ctx->inode_size);
+ if (retval)
+ fatal_err(retval, "while getting next inode");
+ if (!ino)
+ break;
+
+ rewrite = 0;
+ if (inode->i_flags & EXT4_EA_INODE_FL) {
+ if (flags & REWRITE_EA_FL)
+ rewrite = 1;
+ } else if (LINUX_S_ISDIR(inode->i_mode)) {
+ if (flags & REWRITE_DIR_FL)
+ rewrite = 1;
+ } else {
+ if (flags & REWRITE_NONDIR_FL)
+ rewrite = 1;
+ }
+ if (rewrite)
+ rewrite_one_inode(ctx, ino, inode);
+ } while (ino);
+ ext2fs_close_inode_scan(scan);
+ ext2fs_free_mem(&inode);
+}
+
+/*
+ * Forcibly rewrite checksums in inodes specified by 'flags'
+ */
+static void rewrite_inodes(ext2_filsys fs, unsigned int flags)
+{
struct rewrite_context ctx = {
.fs = fs,
.inode_size = EXT2_INODE_SIZE(fs->super),
};
+ errcode_t retval;
if (fs->super->s_creator_os == EXT2_OS_HURD)
return;
- retval = ext2fs_get_mem(ctx.inode_size, &inode);
- if (retval)
- fatal_err(retval, "while allocating memory");
-
retval = ext2fs_get_memzero(ctx.inode_size, &ctx.zero_inode);
if (retval)
fatal_err(retval, "while allocating memory");
@@ -858,39 +911,16 @@ static void rewrite_inodes(ext2_filsys fs)
*
* pass 2: go over other inodes to update their checksums.
*/
- if (ext2fs_has_feature_ea_inode(fs->super))
- pass = 1;
- else
- pass = 2;
- for (;pass <= 2; pass++) {
- retval = ext2fs_open_inode_scan(fs, 0, &scan);
- if (retval)
- fatal_err(retval, "while opening inode scan");
-
- do {
- retval = ext2fs_get_next_inode_full(scan, &ino, inode,
- ctx.inode_size);
- if (retval)
- fatal_err(retval, "while getting next inode");
- if (!ino)
- break;
-
- if (((pass == 1) &&
- (inode->i_flags & EXT4_EA_INODE_FL)) ||
- ((pass == 2) &&
- !(inode->i_flags & EXT4_EA_INODE_FL)))
- rewrite_one_inode(&ctx, ino, inode);
- } while (ino);
-
- ext2fs_close_inode_scan(scan);
- }
+ if (ext2fs_has_feature_ea_inode(fs->super) && (flags & REWRITE_EA_FL))
+ rewrite_inodes_pass(&ctx, REWRITE_EA_FL);
+ flags &= ~REWRITE_EA_FL;
+ rewrite_inodes_pass(&ctx, flags);
ext2fs_free_mem(&ctx.zero_inode);
ext2fs_free_mem(&ctx.ea_buf);
- ext2fs_free_mem(&inode);
}
-static void rewrite_metadata_checksums(ext2_filsys fs)
+static void rewrite_metadata_checksums(ext2_filsys fs, unsigned int flags)
{
errcode_t retval;
dgrp_t i;
@@ -902,7 +932,7 @@ static void rewrite_metadata_checksums(ext2_filsys fs)
retval = ext2fs_read_bitmaps(fs);
if (retval)
fatal_err(retval, "while reading bitmaps");
- rewrite_inodes(fs);
+ rewrite_inodes(fs, flags);
ext2fs_mark_ib_dirty(fs);
ext2fs_mark_bb_dirty(fs);
ext2fs_mmp_update2(fs, 1);
@@ -1201,6 +1231,23 @@ mmp_error:
uuid_generate((unsigned char *) sb->s_hash_seed);
}
+ if (FEATURE_OFF(E2P_FEATURE_COMPAT, EXT2_FEATURE_COMPAT_DIR_INDEX) &&
+ ext2fs_has_feature_metadata_csum(sb)) {
+ check_fsck_needed(fs,
+ _("Disabling directory index on filesystem with "
+ "checksums could take some time."));
+ if (mount_flags & EXT2_MF_MOUNTED) {
+ fputs(_("Cannot disable dir_index on a mounted "
+ "filesystem!\n"), stderr);
+ exit(1);
+ }
+ /*
+ * Clearing dir_index on checksummed filesystem requires
+ * rewriting all directories to update checksums.
+ */
+ rewrite_checksums |= REWRITE_DIR_FL;
+ }
+
if (FEATURE_OFF(E2P_FEATURE_INCOMPAT, EXT4_FEATURE_INCOMPAT_FLEX_BG)) {
if (ext2fs_check_desc(fs)) {
fputs(_("Clearing the flex_bg flag would "
@@ -1244,7 +1291,7 @@ mmp_error:
"The larger fields afforded by this feature "
"enable full-strength checksumming. "
"Run resize2fs -b to rectify.\n"));
- rewrite_checksums = 1;
+ rewrite_checksums = REWRITE_ALL;
/* metadata_csum supersedes uninit_bg */
ext2fs_clear_feature_gdt_csum(fs->super);
@@ -1272,7 +1319,7 @@ mmp_error:
"filesystem!\n"), stderr);
exit(1);
}
- rewrite_checksums = 1;
+ rewrite_checksums = REWRITE_ALL;
/* Enable uninit_bg unless the user expressly turned it off */
memcpy(test_features, old_features, sizeof(test_features));
@@ -1454,7 +1501,7 @@ mmp_error:
}
check_fsck_needed(fs, _("Recalculating checksums "
"could take some time."));
- rewrite_checksums = 1;
+ rewrite_checksums = REWRITE_ALL;
}
}
@@ -3191,7 +3238,7 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
check_fsck_needed(fs,
_("Setting the UUID on this "
"filesystem could take some time."));
- rewrite_checksums = 1;
+ rewrite_checksums = REWRITE_ALL;
}
if (ext2fs_has_group_desc_csum(fs)) {
@@ -3302,7 +3349,7 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
if (retval == 0) {
printf(_("Setting inode size %lu\n"),
new_inode_size);
- rewrite_checksums = 1;
+ rewrite_checksums = REWRITE_ALL;
} else {
printf("%s", _("Failed to change inode size\n"));
rc = 1;
@@ -3311,7 +3358,7 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
}
if (rewrite_checksums)
- rewrite_metadata_checksums(fs);
+ rewrite_metadata_checksums(fs, rewrite_checksums);
if (l_flag)
list_super(sb);
--
2.35.1

View File

@ -1,37 +0,0 @@
From 8f0e75091cfcbdfbfa0f6d0e379e153ddaa268ac Mon Sep 17 00:00:00 2001
From: wuguanghao <wuguanghao3@huawei.com>
Date: Wed, 30 Jun 2021 16:27:15 +0800
Subject: [PATCH 28/46] zap_sector: fix memory leak
Content-Type: text/plain
In zap_sector(), need free buf before return,
otherwise it will cause memory leak.
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Reviewed-by: Wu Bo <wubo40@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
misc/mke2fs.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/misc/mke2fs.c b/misc/mke2fs.c
index 0184a3a8..389d0981 100644
--- a/misc/mke2fs.c
+++ b/misc/mke2fs.c
@@ -582,8 +582,10 @@ static void zap_sector(ext2_filsys fs, int sect, int nsect)
else {
magic = (unsigned int *) (buf + BSD_LABEL_OFFSET);
if ((*magic == BSD_DISKMAGIC) ||
- (*magic == BSD_MAGICDISK))
+ (*magic == BSD_MAGICDISK)) {
+ free(buf);
return;
+ }
}
}
--
2.35.1

View File

@ -1,7 +1,7 @@
Summary: Utilities for managing ext2, ext3, and ext4 file systems Summary: Utilities for managing ext2, ext3, and ext4 file systems
Name: e2fsprogs Name: e2fsprogs
Version: 1.45.6 Version: 1.45.6
Release: 5%{?dist} Release: 3%{?dist}
# License tags based on COPYING file distinctions for various components # License tags based on COPYING file distinctions for various components
License: GPLv2 License: GPLv2
@ -35,57 +35,6 @@ Patch4: e2fsprogs-1.45.6-Revert-libext2fs-revamp-bitmap-types-to-fix-LTO-warn.pa
Patch5: e2fsprogs-1.45.6-Revert-libext2fs-hide-struct-ext2fs_hashmap-as-an-in.patch Patch5: e2fsprogs-1.45.6-Revert-libext2fs-hide-struct-ext2fs_hashmap-as-an-in.patch
Patch6: e2fsprogs-1.45.6-ext2fs-fix-ABI-change-in-the-struct_ext2_filsys-stru.patch Patch6: e2fsprogs-1.45.6-ext2fs-fix-ABI-change-in-the-struct_ext2_filsys-stru.patch
Patch7: e2fsprogs-1.45.6-mke2fs-Escape-double-quotes-when-parsing-mke2fs.conf.patch Patch7: e2fsprogs-1.45.6-mke2fs-Escape-double-quotes-when-parsing-mke2fs.conf.patch
Patch8: 0001-reisze2fs-sanity-check-free-block-group-counts-when-.patch
Patch9: 0001-tests-support-older-versions-of-timeout-in-r_corrupt.patch
Patch10: 0001-tests-specify-inode-size-in-r_corrupt_fs.patch
Patch11: e2fsprogs-1.45.6-libext2fs-fix-crash-in-ext2fs_open2-on-Big-Endian-sy.patch
Patch12: e2fsprogs-1.45.6-libext2fs-fix-crash-in-ext2fs_image_super_write-on-B.patch
Patch13: e2fsprogs-1.45.6-libext2fs-teach-ext2fs_flush-to-check-if-group-descr.patch
Patch14: e2fsprogs-1.45.6-libext2fs-don-t-needlessly-byte-swap-the-group-descr.patch
Patch15: e2fsprogs-1.45.6-e2fsck-fix-indexed-dir-rehash-failure-with-metadata_.patch
Patch16: e2fsprogs-1.45.6-tune2fs-update-dir-checksums-when-clearing-dir_index.patch
Patch17: e2fsprogs-1.45.6-e2fsck-fix-off-by-one-check-when-validating-depth-of.patch
Patch18: e2fsprogs-1.45.6-libext2fs-fix-potential-buffer-overrun-in-__get_dire.patch
Patch19: e2fsprogs-1.45.6-e2fsck-use-size_t-instead-of-int-in-string_copy.patch
Patch20: e2fsprogs-1.45.6-mke2fs-fix-up-check-for-hardlinks-always-false-if-in.patch
Patch21: e2fsprogs-1.45.6-resize2fs-prevent-block-group-descriptors-from-overf.patch
Patch22: e2fsprogs-1.45.6-debugfs-fix-parse_uint-for-64-bit-fields.patch
Patch23: e2fsprogs-1.45.6-create_inode-set-xattrs-to-the-root-directory-as-wel.patch
Patch24: e2fsprogs-1.45.6-filefrag-handle-invalid-st_dev-and-blksize-cases.patch
Patch25: e2fsprogs-1.45.6-libext2fs-fix-incorrect-negative-error-return-in-uni.patch
Patch26: e2fsprogs-1.45.6-debugfs-fix-double-free-in-realloc-error-path-in-rea.patch
Patch27: e2fsprogs-1.45.6-Fix-clang-warnings.patch
Patch28: e2fsprogs-1.45.6-libext2fs-fix-segault-when-setting-an-xattr-with-an-.patch
Patch29: e2fsprogs-1.45.6-debugfs-fix-memory-allocation-failures-when-parsing-.patch
Patch30: e2fsprogs-1.45.6-libext2fs-fix-crash-when-ext2fs_mmp_stop-is-called-b.patch
Patch31: e2fsprogs-1.45.6-Add-checks-for-fs-blocksize-0-which-could-cause-some.patch
Patch32: e2fsprogs-1.45.6-debugfs-fix-memory-leak-problem-in-read_list.patch
Patch33: e2fsprogs-1.45.6-mmp-do-not-use-O_DIRECT-when-working-with-regular-fi.patch
Patch34: e2fsprogs-1.45.6-resize2fs-avoid-allocating-over-the-MMP-block.patch
Patch35: e2fsprogs-1.45.6-e2image-fix-overflow-in-l2-table-processing.patch
Patch36: e2fsprogs-1.45.6-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch
Patch37: e2fsprogs-1.45.6-tdb_transaction_recover-fix-memory-leak.patch
Patch38: e2fsprogs-1.45.6-zap_sector-fix-memory-leak.patch
Patch39: e2fsprogs-1.45.6-append_pathname-check-the-value-returned-by-realloc.patch
Patch40: e2fsprogs-1.45.6-argv_parse-check-return-value-of-malloc-in-argv_pars.patch
Patch41: e2fsprogs-1.45.6-misc-fix-potential-segmentation-fault-problem-in-sca.patch
Patch42: e2fsprogs-1.45.6-lib-ss-error.c-check-return-value-malloc-in-ss_name.patch
Patch43: e2fsprogs-1.45.6-ext2ed-fix-potential-NULL-pointer-dereference-in-dup.patch
Patch44: e2fsprogs-1.45.6-mke2fs-only-try-discarding-a-single-block-to-test-if.patch
Patch45: e2fsprogs-1.45.6-ss_add_info_dir-fix-error-handling-when-memory-alloc.patch
Patch46: e2fsprogs-1.45.6-ss_create_invocation-fix-error-handling-when-memory-.patch
Patch47: e2fsprogs-1.45.6-lsattr-check-whether-path-is-NULL-in-lsattr_dir_proc.patch
Patch48: e2fsprogs-1.45.6-ss_create_invocation-fix-potential-unititalized-refe.patch
Patch49: e2fsprogs-1.45.6-quota-Do-not-account-space-used-by-project-quota-fil.patch
Patch50: e2fsprogs-1.45.6-libext2fs-fix-unexpected-NULL-variable.patch
Patch51: e2fsprogs-1.45.6-libext2fs-remove-augmented-rbtree-functionality.patch
Patch52: e2fsprogs-1.45.6-libss-handle-memory-allcation-failure-in-ss_help.patch
Patch53: e2fsprogs-1.45.6-libss-Add-missing-error-handling-for-fdopen.patch
Patch54: e2fsprogs-1.45.6-libsupport-fix-potental-NULL-pointer-dereferences-in.patch
Patch55: e2fsprogs-1.45.6-e2fsck-add-maximum-string-length-specifiers-to-fscan.patch
Patch56: e2fsprogs-1.45.6-tests-Add-option-to-print-diff-output-of-failed-test.patch
Patch57: e2fsprogs-1.45.6-libext2fs-add-sanity-check-to-extent-manipulation.patch
Patch58: e2fsprogs-1.45.6-libss-fix-possible-NULL-pointer-dereferece-on-alloca.patch
%description %description
The e2fsprogs package contains a number of utilities for creating, The e2fsprogs package contains a number of utilities for creating,
@ -212,57 +161,6 @@ It was originally inspired by the Multics SubSystem library.
%patch5 -p1 %patch5 -p1
%patch6 -p1 %patch6 -p1
%patch7 -p1 %patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch33 -p1
%patch34 -p1
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch38 -p1
%patch39 -p1
%patch40 -p1
%patch41 -p1
%patch42 -p1
%patch43 -p1
%patch44 -p1
%patch45 -p1
%patch46 -p1
%patch47 -p1
%patch48 -p1
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch52 -p1
%patch53 -p1
%patch54 -p1
%patch55 -p1
%patch56 -p1
%patch57 -p1
%patch58 -p1
%build %build
%configure CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \ %configure CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \
@ -286,7 +184,7 @@ chmod +w %{buildroot}%{_libdir}/*.a
%find_lang %{name} %find_lang %{name}
%check %check
make PRINT_FAILED=yes fullcheck make fullcheck
%post libs -p /sbin/ldconfig %post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig
@ -425,13 +323,6 @@ exit 0
%{_libdir}/pkgconfig/ss.pc %{_libdir}/pkgconfig/ss.pc
%changelog %changelog
* Wed May 11 2022 Lukas Czerner <lczerner@redhat.com> 1.45.6-5
- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)
* Wed Feb 16 2022 Lukas Czerner <lczerner@redhat.com> 1.45.6-4
- Sanity check free block group counts when calculating minimum size (#2054129)
* Thu Jan 27 2022 Lukas Czerner <lczerner@redhat.com> 1.45.6-3 * Thu Jan 27 2022 Lukas Czerner <lczerner@redhat.com> 1.45.6-3
- Rebuild to ship libss-devel package (#1947449) - Rebuild to ship libss-devel package (#1947449)