From: Theodore Ts'o
Date: Sat, 1 Dec 2007 12:08:45 +0000 (-0500)
Subject: libext2fs: Fix a corner case bug in ext2fs_unlink
X-Git-Tag: v1.40.3~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e5a86a66044c4bf4021d1e2900a8748011f17b5;p=thirdparty%2Fe2fsprogs.git

libext2fs: Fix a corner case bug in ext2fs_unlink

We cannot merge a removed directory entry to just an arbitrary previous directory entry. The previous entry must be in the same block. So really bad things can happen when we are deleting the first directory entry in a block where the last directory entry in the previous directory block is not in use.

We fix this bug by checking to see if the current entry is not the first one in the block before trying to merge it to the previous entry.

Signed-off-by: Jan Kara
Signed-off-by: "Theodore Ts'o"
---
diff --git a/lib/ext2fs/unlink.c b/lib/ext2fs/unlink.c index e7b2182d2..a48b8775c 100644 --- a/lib/ext2fs/unlink.c +++ b/lib/ext2fs/unlink.c @@ -31,7 +31,7 @@ struct link_struct { #pragma argsused #endif static int unlink_proc(struct ext2_dir_entry *dirent, - int offset EXT2FS_ATTR((unused)), + int offset, int blocksize EXT2FS_ATTR((unused)), char *buf EXT2FS_ATTR((unused)), void *priv_data) @@ -56,7 +56,7 @@ static int unlink_proc(struct ext2_dir_entry *dirent, return 0; } - if (prev) + if (offset) prev->rec_len += dirent->rec_len; else dirent->inode = 0;
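
Review bot: the `offset` parameter in the `unlink_proc` signature (first hunk) now carries the whole fix but has no documentation. The second hunk treats `offset == 0` as "this is the first entry in the block", so a short comment on the parameter saying that it is the offset of `dirent` within the current directory block would make that assumption explicit for anyone who later changes the iterator that supplies it.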
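
Review bot: in the second hunk, `prev->rec_len += dirent->rec_len` is now reached under `if (offset)` and no longer under the `if (prev)` null check it had before. Safety therefore depends on `prev` always having been set by an earlier entry of the same block whenever `offset` is non-zero, and nothing in the visible lines enforces that. Consider `if (offset && prev)`, or a comment stating the invariant, so that a corrupted or unexpected directory block cannot turn this into a NULL dereference or a write to an entry in another block. A regression test that unlinks the first entry of a block whose preceding block ends in an unused entry would pin the case the commit message describes.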