From: Theodore Ts'o <tytso@mit.edu>
Date: Thu, 27 Dec 2007 15:08:13 +0000 (-0500)
Subject: Convert use of ext2fs_get_mem to ext2fs_get_array for overflow detection
X-Git-Tag: v1.40.4~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e5aace908e9d1161a594944d9360f9f0cdd18099;p=thirdparty%2Fe2fsprogs.git

Convert use of ext2fs_get_mem to ext2fs_get_array for overflow detection

Add some additional checks, primarily in resize2fs and in the rarely
used (and soon to-be-deprecated) e2fsck byte-swap filesystem function.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---

diff --git a/e2fsck/swapfs.c b/e2fsck/swapfs.c
index fb7270c0f..9df1d11e6 100644
--- a/e2fsck/swapfs.c
+++ b/e2fsck/swapfs.c
@@ -119,7 +119,7 @@ static void swap_inodes(e2fsck_t ctx)
 
 	e2fsck_use_inode_shortcuts(ctx, 1);
 	
-	retval = ext2fs_get_mem(fs->blocksize * fs->inode_blocks_per_group,
+	retval = ext2fs_get_array(fs->blocksize, fs->inode_blocks_per_group,
 				&buf);
 	if (retval) {
 		com_err("swap_inodes", retval,
diff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h
index 06ba9a2f5..e1ae89d3a 100644
--- a/lib/ext2fs/ext2fs.h
+++ b/lib/ext2fs/ext2fs.h
@@ -1019,6 +1019,7 @@ _INLINE_ errcode_t ext2fs_get_mem(unsigned long size, void *ptr)
 	memcpy(ptr, &pp, sizeof (pp));
 	return 0;
 }
+
 _INLINE_ errcode_t ext2fs_get_array(unsigned long count, unsigned long size, void *ptr)
 {
 	if (count && (-1UL)/count<size)
diff --git a/resize/extent.c b/resize/extent.c
index bf53d1299..ca2c68cd3 100644
--- a/resize/extent.c
+++ b/resize/extent.c
@@ -49,7 +49,7 @@ errcode_t ext2fs_create_extent_table(ext2_extent *ret_extent, int size)
 	extent->num = 0;
 	extent->sorted = 1;
 
-	retval = ext2fs_get_mem(sizeof(struct ext2_extent_entry) *
+	retval = ext2fs_get_array(sizeof(struct ext2_extent_entry),
 				extent->size, &extent->list);
 	if (retval) {
 		ext2fs_free_mem(&extent);
diff --git a/resize/resize2fs.c b/resize/resize2fs.c
index 0d6a08241..473a74cf0 100644
--- a/resize/resize2fs.c
+++ b/resize/resize2fs.c
@@ -481,7 +481,7 @@ static errcode_t adjust_superblock(ext2_resize_t rfs, blk_t new_size)
 	/*
 	 * Initialize the new block group descriptors
 	 */
-	retval = ext2fs_get_mem(fs->blocksize * fs->inode_blocks_per_group,
+	retval = ext2fs_get_array(fs->blocksize, fs->inode_blocks_per_group,
 				&rfs->itable_buf);
 	if (retval)
 		goto errout;
@@ -917,7 +917,7 @@ static errcode_t block_mover(ext2_resize_t rfs)
 
 	new_blk = fs->super->s_first_data_block;
 	if (!rfs->itable_buf) {
-		retval = ext2fs_get_mem(fs->blocksize *
+		retval = ext2fs_get_array(fs->blocksize,
 					fs->inode_blocks_per_group,
 					&rfs->itable_buf);
 		if (retval)
@@ -1138,7 +1138,7 @@ static errcode_t inode_scan_and_fix(ext2_resize_t rfs)
 
 	retval = ext2fs_init_dblist(rfs->old_fs, 0);
 	if (retval) goto errout;
-	retval = ext2fs_get_mem(rfs->old_fs->blocksize * 3, &block_buf);
+	retval = ext2fs_get_array(rfs->old_fs->blocksize, 3, &block_buf);
 	if (retval) goto errout;
 
 	start_to_move = (rfs->new_fs->group_desc_count *