git.ipfire.org Git - thirdparty/e2fsprogs.git/commit

author	Andreas Dilger <adilger@whamcloud.com>
	Wed, 12 Feb 2020 01:07:21 +0000 (18:07 -0700)
committer	Theodore Ts'o <tytso@mit.edu>
	Wed, 4 Mar 2020 23:37:29 +0000 (18:37 -0500)
commit	937650f78e2d0e087048acd2a878139b27df3625
tree	cca2820dd60d8249f556c91527e25ce29c6160d7	tree \| snapshot
parent	e08226c708a0d1ba0fa5f7ba4f6e240b94cd9fb3	commit \| diff

e2fsck: avoid overflow with very large dirs

In alloc_size_dir() it multiples signed ints when allocating the
buffer for rehashing an htree-indexed directory. This will overflow
when the directory size is above 4GB, which is possible with largedir
directories having about 100M entries, assuming an average 3/4 leaf
fullness and 24-byte filenames, or fewer with longer filenames.
The same problem exisgs in get_next_block().

Similarly, the out_dir struct used a signed int for the number of
blocks in the directory, which may result in a negative size if the
directory is over 2GB (about 50M entries or fewer).

Use appropriate unsigned variables for block counts, and use larger
types for calculating the byte count for memory offsets/sizes.

Such large directories not been seen yet, but are not too far away.
The ext2fs_get_array() function will properly calculate the needed
memory allocation, and detect overflow on 32-bit systems.
Add ext2fs_resize_array() to do the same for array resize.

Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Lustre-bug-id: https://jira.whamcloud.com/browse/LU-13197
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck/pass2.c		diff \| blob \| blame \| history
e2fsck/rehash.c		diff \| blob \| blame \| history
lib/ext2fs/ext2fs.h		diff \| blob \| blame \| history