From: Darrick J. Wong <darrick.wong@oracle.com>
Date: Mon, 28 Jan 2019 19:03:11 +0000 (-0600)
Subject: xfs_repair: fix off by one error when rebuilding high keys
X-Git-Tag: v4.20.0-rc1~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0ba6dae9f86f7c02e88d8846234f497e1cde3aa9;p=thirdparty%2Fxfsprogs-dev.git

xfs_repair: fix off by one error when rebuilding high keys

Fix an off-by-one error when scanning a rmap btree block for high keys
as part of rebuilding rmap btrees during phase 5.  This causes
xfs_repair to emit a corrupt filesystem, which is bad.

This can be reproduced pretty easily by exporting
TEST_XFS_REPAIR_REBUILD=1 and running generic/051 with a 1k block size.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
---

diff --git a/repair/phase5.c b/repair/phase5.c
index 85d1f4fbd..1bacfc7f9 100644
--- a/repair/phase5.c
+++ b/repair/phase5.c
@@ -1500,7 +1500,7 @@ prop_rmap_highkey(
 		bt_key->rm_offset = cpu_to_be64(
 				libxfs_rmap_irec_offset_pack(&high_key));
 
-		for (i = 1; i < numrecs - 1; i++) {
+		for (i = 1; i <= numrecs; i++) {
 			bt_key = XFS_RMAP_HIGH_KEY_ADDR(bt_hdr, i);
 			key.rm_startblock = be32_to_cpu(bt_key->rm_startblock);
 			key.rm_owner = be64_to_cpu(bt_key->rm_owner);