libext2fs: teach ext2fs_open() to reject file systems with an invalid cluster size

If the cluster size is smaller than the block size, this can result in
a negative shift, which is undefined.  When such a file system is
opened, immediately return an error indicating that the file system is
corrupted.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

diff --git a/lib/ext2fs/openfs.c b/lib/ext2fs/openfs.c
index 5ec8ed5c1bb10f3443d71b1b4723c16e45c17053..05839ad68b9910e2ac63746dc51aeba1905aab65 100644 (file)
--- a/lib/ext2fs/openfs.c
+++ b/lib/ext2fs/openfs.c
@@ -295,8 +295,11 @@ retry:
                }
        }
 
-       if (fs->super->s_log_block_size >
-           (unsigned) (EXT2_MAX_BLOCK_LOG_SIZE - EXT2_MIN_BLOCK_LOG_SIZE)) {
+       if ((fs->super->s_log_block_size >
+            (unsigned) (EXT2_MAX_BLOCK_LOG_SIZE - EXT2_MIN_BLOCK_LOG_SIZE)) ||
+           (fs->super->s_log_cluster_size >
+            (unsigned) (EXT2_MAX_CLUSTER_LOG_SIZE - EXT2_MIN_CLUSTER_LOG_SIZE)) ||
+           (fs->super->s_log_block_size > fs->super->s_log_cluster_size)) {
                retval = EXT2_ET_CORRUPT_SUPERBLOCK;
                goto cleanup;
        }