libext2fs: repair side effects when iterating dirents in inline dirs

In ext2fs_inline_data_dir_iterate(), we must be very careful to undo
any modifications we make to the dir_context pointer passed in by the
caller, because it's entirely possible that the caller will still want
to do something with the ctx or something inside.

Specifically, ext2fs_dblist_dir_iterate() wants to be able to free
ctx->buf, and it reuses the ctx for multiple dblist entries.  That
means that assigning ctx->buf will cause weird crashes at the end of
dir_iterate().

Since we're being careful with ctx, we might as well handle adding the
INLINE_DATA flag to ctx->flags for ext2fs_process_dir_block, since the
dblist caller forgets to unset the flag before reusing the ctx.

This fixes some crashes and valgrind complaints in resize2fs, and is
necessary for the next patch, which fixes resize2fs not to corrupt
inline_data filesystems.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>

diff --git a/lib/ext2fs/dblist_dir.c b/lib/ext2fs/dblist_dir.c
index 2fbb772c59cbd969b1f579ee2607f45cf87f9255..864a3ca0288ec00596bd0b0abbdf8816608adb6a 100644 (file)
--- a/lib/ext2fs/dblist_dir.c
+++ b/lib/ext2fs/dblist_dir.c
@@ -76,14 +76,12 @@ static int db_dir_proc(ext2_filsys fs, struct ext2_db_entry2 *db_info,
        ctx->errcode = ext2fs_read_inode(fs, ctx->dir, &inode);
        if (ctx->errcode)
                return DBLIST_ABORT;
-       if (inode.i_flags & EXT4_INLINE_DATA_FL) {
-               ctx->flags = DIRENT_FLAG_INCLUDE_INLINE_DATA;
+       if (inode.i_flags & EXT4_INLINE_DATA_FL)
                ret = ext2fs_inline_data_dir_iterate(fs, ctx->dir, ctx);
-       } else {
+       else
                ret = ext2fs_process_dir_block(fs, &db_info->blk,
                                               db_info->blockcnt, 0, 0,
                                               priv_data);
-       }
        if ((ret & BLOCK_ABORT) && !ctx->errcode)
                return DBLIST_ABORT;
        return 0;

diff --git a/lib/ext2fs/dir_iterate.c b/lib/ext2fs/dir_iterate.c
index 8cb6740a3b03812f971d58fce6a43365ddcc9324..67152cc7f6ea4a4777aeaa94b041abd37a0a4a05 100644 (file)
--- a/lib/ext2fs/dir_iterate.c
+++ b/lib/ext2fs/dir_iterate.c
@@ -128,7 +128,6 @@ errcode_t ext2fs_dir_iterate2(ext2_filsys fs,
        if (!block_buf)
                ext2fs_free_mem(&ctx.buf);
        if (retval == EXT2_ET_INLINE_DATA_CANT_ITERATE) {
-               ctx.flags |= DIRENT_FLAG_INCLUDE_INLINE_DATA;
                (void) ext2fs_inline_data_dir_iterate(fs, dir, &ctx);
                retval = 0;
        }

diff --git a/lib/ext2fs/inline_data.c b/lib/ext2fs/inline_data.c
index f3cd3751f45ca66d4a0c466c59f4ec1e1313fa64..7be0f96e22baca5feccd3c430dfa535bd7c1dd00 100644 (file)
--- a/lib/ext2fs/inline_data.c
+++ b/lib/ext2fs/inline_data.c
@@ -120,8 +120,15 @@ int ext2fs_inline_data_dir_iterate(ext2_filsys fs, ext2_ino_t ino,
        struct ext2_inline_data data;
        int ret = BLOCK_ABORT;
        e2_blkcnt_t blockcnt = 0;
+       char *old_buf;
+       unsigned int old_buflen;
+       int old_flags;
 
        ctx = (struct dir_context *)priv_data;
+       old_buf = ctx->buf;
+       old_buflen = ctx->buflen;
+       old_flags = ctx->flags;
+       ctx->flags |= DIRENT_FLAG_INCLUDE_INLINE_DATA;
 
        ctx->errcode = ext2fs_read_inode(fs, ino, &inode);
        if (ctx->errcode)
@@ -235,9 +242,10 @@ int ext2fs_inline_data_dir_iterate(ext2_filsys fs, ext2_ino_t ino,
 
 out1:
        ext2fs_free_mem(&data.ea_data);
-       ctx->buf = 0;
-
 out:
+       ctx->buf = old_buf;
+       ctx->buflen = old_buflen;
+       ctx->flags = old_flags;
        ret &= ~(BLOCK_ABORT | BLOCK_INLINE_DATA_CHANGED);
        return ret;
 }