libext2fs: return an error when byte swapping a corrupted dirblock block

Except for e2fsck (where we want to expose the corrupted directory
entries to e2fsck mostly so that the e2fsck output stays the same on
big-endian machines compared to little-endian machines, so we don't
break our regression tests), if the directory block is corrupted, and
ext2fs_dirent_swab_in[2](), trips across this, return an error.  This
will make sure that naive users of libextfs will not try to handle a
corrupted directory block.  This prevents potential buffer overruns in
the byte swapping code paths.

This commit does not cause any functional change on little-endian
systems.

Addresses-Coverity-Bug: 1433408
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

diff --git a/e2fsck/pass2.c b/e2fsck/pass2.c
index 3b473af02a43ed5ec2f65ec41cbdf1403c31fd3a..b86fe032c031444f38cc1cc5be90f2fc045b2b16 100644 (file)
--- a/e2fsck/pass2.c
+++ b/e2fsck/pass2.c
@@ -150,6 +150,7 @@ void e2fsck_pass2(e2fsck_t ctx)
        mtrace_print("Pass 2");
 #endif
 
+       fs->flags |= EXT2_FLAG_IGNORE_SWAP_DIRENT;
        if (!(ctx->options & E2F_OPT_PREEN))
                fix_problem(ctx, PR_2_PASS_HEADER, &cd.pctx);
 
@@ -317,6 +318,7 @@ void e2fsck_pass2(e2fsck_t ctx)
        print_resource_track(ctx, _("Pass 2"), &rtrack, fs->io);
 cleanup:
        ext2fs_free_mem(&buf);
+       fs->flags &= ~EXT2_FLAG_IGNORE_SWAP_DIRENT;
 }
 
 #define MAX_DEPTH 32000

diff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h
index 0ac3e451d9585dd7ce04a23735d0fa11deac6326..1e84074b5e6bf57f8735de6fe1fe1cf7c34469ea 100644 (file)
--- a/lib/ext2fs/ext2fs.h
+++ b/lib/ext2fs/ext2fs.h
@@ -219,6 +219,7 @@ typedef struct ext2_file *ext2_file_t;
 #define EXT2_FLAG_BBITMAP_TAIL_PROBLEM 0x1000000
 #define EXT2_FLAG_IBITMAP_TAIL_PROBLEM 0x2000000
 #define EXT2_FLAG_THREADS              0x4000000
+#define EXT2_FLAG_IGNORE_SWAP_DIRENT   0x8000000
 
 /*
  * Special flag in the ext2 inode i_flag field that means that this is

diff --git a/lib/ext2fs/swapfs.c b/lib/ext2fs/swapfs.c
index cd160b318f2d7579dcacbffd299efbb109f4b28d..5e6b22f46f9508cd86b8da2af8170860dfb8750e 100644 (file)
--- a/lib/ext2fs/swapfs.c
+++ b/lib/ext2fs/swapfs.c
@@ -434,11 +434,14 @@ errcode_t ext2fs_dirent_swab_in2(ext2_filsys fs, char *buf,
                        return retval;
                if ((rec_len < 8) || (rec_len % 4)) {
                        rec_len = 8;
-                       retval = EXT2_ET_DIR_CORRUPTED;
+                       if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT))
+                               return EXT2_ET_DIR_CORRUPTED;
                } else if (((name_len & 0xFF) + 8) > rec_len)
-                       retval = EXT2_ET_DIR_CORRUPTED;
+                       if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT))
+                               return EXT2_ET_DIR_CORRUPTED;
                if (rec_len > left)
-                       return EXT2_ET_DIR_CORRUPTED;
+                       if (!(fs->flags & EXT2_FLAG_IGNORE_SWAP_DIRENT))
+                               return EXT2_ET_DIR_CORRUPTED;
                left -= rec_len;
                p += rec_len;
        }