diff options
| author | Theodore Ts'o <tytso@mit.edu> | 2022-08-13 23:32:42 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2022-08-13 23:32:42 -0400 |
| commit | b84eee32d54b20679b27cdff231cd72619e4cc44 (patch) | |
| tree | 9ea1ba1ee3198d824acd9f17be62bf10d49c2774 | |
| parent | 7294686e58990a7d510bbe7d9598ca0910d0ad4b (diff) | |
| download | e2fsprogs-b84eee32d54b20679b27cdff231cd72619e4cc44.tar.gz | |
libext2fs: return an error when byte swapping a corrupted dirblock block
Except for e2fsck (where we want to expose the corrupted directory
entries to e2fsck mostly so that the e2fsck output stays the same on
big-endian machines compared to little-endian machines, so we don't
break our regression tests), if the directory block is corrupted, and
ext2fs_dirent_swab_in[2](), trips across this, return an error. This
will make sure that naive users of libextfs will not try to handle a
corrupted directory block. This prevents potential buffer overruns in
the byte swapping code paths.
This commit does not cause any functional change on little-endian
systems.
Addresses-Coverity-Bug: 1433408
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
| -rw-r--r-- | e2fsck/pass2.c | 2 | ||||
| -rw-r--r-- | lib/ext2fs/ext2fs.h | 1 | ||||
| -rw-r--r-- | lib/ext2fs/swapfs.c | 9 |
3 files changed, 9 insertions, 3 deletions
diff --git a/e2fsck/pass2.c b/e2fsck/pass2.c index 3b473af02..b86fe032c 100644 --- a/e2fsck/pass2.c +++ b/e2fsck/pass2.c @@ -150,6 +150,7 @@ void e2fsck_pass2(e2fsck_t ctx) mtrace_print("Pass 2"); #endif + fs->flags |= EXT2_FLAG_IGNORE_SWAP_DIRENT; if (!(ctx->options & E2F_OPT_PREEN)) fix_problem(ctx, PR_2_PASS_HEADER, &cd.pctx); @@ -317,6 +318,7 @@ void e2fsck_pass2(e2fsck_t ctx) print_resource_track(ctx, _("Pass 2"), &rtrack, fs->io); cleanup: ext2fs_free_mem(&buf); + fs->flags &= ~EXT2_FLAG_IGNORE_SWAP_DIRENT; } #define MAX_DEPTH 32000 diff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h index 0ac3e451d..1e84074b5 100644 --- a/lib/ext2fs/ext2fs.h +++ b/lib/ext2fs/ext2fs.h @@ -219,6 +219,7 @@ typedef struct ext2_file *ext2_file_t; #define EXT2_FLAG_BBITMAP_TAIL_PROBLEM 0x1000000 #define EXT2_FLAG_IBITMAP_TAIL_PROBLEM 0x2000000 #define EXT2_FLAG_THREADS 0x4000000 +#define EXT2_FLAG_IGNORE_SWAP_DIRENT 0x8000000 /* * Special flag in the ext2 inode i_flag field that means that this is diff --git a/lib/ext2fs/swapfs.c b/lib/ext2fs/swapfs.c index cd160b318..5e6b22f46 100644 --- a/lib/ext2fs/swapfs.c +++ b/lib/ext2fs/swapfs.c @@ -434,11 +434,14 @@ errcode_t ext2fs_dirent_swab_in2(ext2_filsys fs, char *buf, return retval; if ((rec_len < 8) || (rec_len % 4)) { rec_len = 8; - retval = EXT2_ET_DIR_CORRUPTED; + if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT)) + return EXT2_ET_DIR_CORRUPTED; } else if (((name_len & 0xFF) + 8) > rec_len) - retval = EXT2_ET_DIR_CORRUPTED; + if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT)) + return EXT2_ET_DIR_CORRUPTED; if (rec_len > left) - return EXT2_ET_DIR_CORRUPTED; + if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT)) + return EXT2_ET_DIR_CORRUPTED; left -= rec_len; p += rec_len; } |