]>
Commit | Line | Data |
---|---|---|
7d777456 GKH |
1 | From 570f16c4bfa97a7b2d3b3e6c0b8936ee91f32481 Mon Sep 17 00:00:00 2001 |
2 | From: Theodore Ts'o <tytso@mit.edu> | |
3 | Date: Sun, 30 May 2010 22:50:01 -0400 | |
4 | Subject: ext4: Avoid crashing on NULL ptr dereference on a filesystem error | |
5 | ||
6 | commit f70f362b4a6fe47c239dbfb3efc0cc2c10e4f09c upstream (as of v2.6.34-git13) | |
7 | ||
8 | If the EOFBLOCK_FL flag is set when it should not be and the inode is | |
9 | zero length, then eh_entries is zero, and ex is NULL, so dereferencing | |
10 | ex to print ex->ee_block causes a kernel OOPS in | |
11 | ext4_ext_map_blocks(). | |
12 | ||
13 | On top of that, the error message which is printed isn't very helpful. | |
14 | So we fix this by printing something more explanatory which doesn't | |
15 | involve trying to print ex->ee_block. | |
16 | ||
17 | Addresses-Google-Bug: #2655740 | |
18 | ||
19 | Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> | |
20 | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | |
21 | --- | |
22 | fs/ext4/extents.c | 11 +++++++---- | |
23 | 1 file changed, 7 insertions(+), 4 deletions(-) | |
24 | ||
25 | --- a/fs/ext4/extents.c | |
26 | +++ b/fs/ext4/extents.c | |
27 | @@ -3281,8 +3281,8 @@ int ext4_ext_get_blocks(handle_t *handle | |
28 | */ | |
29 | if (path[depth].p_ext == NULL && depth != 0) { | |
30 | ext4_error(inode->i_sb, __func__, "bad extent address " | |
31 | - "inode: %lu, iblock: %d, depth: %d", | |
32 | - inode->i_ino, iblock, depth); | |
33 | + "inode: %lu, iblock: %lu, depth: %d", | |
34 | + inode->i_ino, (unsigned long) iblock, depth); | |
35 | err = -EIO; | |
36 | goto out2; | |
37 | } | |
38 | @@ -3418,8 +3418,11 @@ int ext4_ext_get_blocks(handle_t *handle | |
39 | } else { | |
40 | WARN_ON(eh->eh_entries == 0); | |
41 | ext4_error(inode->i_sb, __func__, | |
42 | - "inode#%lu, eh->eh_entries = 0!", inode->i_ino); | |
43 | - } | |
44 | + "inode#%lu, eh->eh_entries = 0 and " | |
45 | + "EOFBLOCKS_FL set", inode->i_ino); | |
46 | + err = -EIO; | |
47 | + goto out2; | |
48 | + } | |
49 | } | |
50 | err = ext4_ext_insert_extent(handle, inode, path, &newex, flags); | |
51 | if (err) { |