From 75547072b8916cee1fdd15b4b20cd1070afa8da1 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Wed, 23 May 2018 16:30:48 -0500 Subject: [PATCH] xfs_repair: actually fix .. entries that point to inode zero If we encounter a directory with an entry that points to inode zero, we'll crash due to an ASSERT during process_inode_chunk. This is due to process_dir2_data not arranging for phase 6 to fix the parent pointer when '..' -> 0, so do that. Found via xfs/386 fuzzing bu[1].inumber to zero. [sandeen: change "parent pointer" to parent directory for clarity] Signed-off-by: Darrick J. Wong Reviewed-by: Eric Sandeen Signed-off-by: Eric Sandeen --- libxfs/libxfs_api_defs.h | 1 + repair/dir2.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+)
diff --git a/libxfs/libxfs_api_defs.h b/libxfs/libxfs_api_defs.h
index fd471de75..e51979953 100644
--- a/libxfs/libxfs_api_defs.h
+++ b/libxfs/libxfs_api_defs.h
@@ -78,6 +78,7 @@
 #define xfs_bmbt_get_all libxfs_bmbt_get_all
 #define xfs_rtfree_extent libxfs_rtfree_extent
 #define xfs_verify_rtbno libxfs_verify_rtbno
+#define xfs_verify_ino libxfs_verify_ino
 #define xfs_zero_extent libxfs_zero_extent
 #define xfs_defer_init libxfs_defer_init
diff --git a/repair/dir2.c b/repair/dir2.c
index 94dd649b0..e162d2b8e 100644
--- a/repair/dir2.c
+++ b/repair/dir2.c
@@ -847,6 +847,23 @@ _("bad .. entry in root directory inode %" PRIu64 ", was %" PRIu64 ": "),
 }
 *parent = ino;
 }
+ /*
+ * Make sure our parent directory doesn't point
+ * off into space.
+ */
+ if (!junkit &&
+ *parent != NULLFSINO &&
+ !libxfs_verify_ino(mp, *parent)) {
+ do_warn(
+_("bad .. entry in directory inode %" PRIu64 ", was %" PRIu64 ": "),
+ ino, *parent);
+ if (!no_modify) {
+ do_warn(_("correcting\n"));
+ } else {
+ do_warn(_("would correct\n"));
+ }
+ *parent = NULLFSINO;
+ }
 }
 /*
 * Can't fix the directory unless we know which ..
-- 2.47.2
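Review bot: The comment on the new check in repair/dir2.c does not explain why `*parent` is reset to NULLFSINO even when `no_modify` is set, nor that the "correcting" message is printed although nothing in the hunk rewrites the on-disk `..` entry. The commit message says the reset is what arranges for phase 6 to repair the entry, and that belongs next to the assignment, for example `* Reset an unverifiable '..' to NULLFSINO so that phase 6 repairs it; the on-disk entry is not rewritten here.` The comment could also state that `libxfs_verify_ino()` is what rejects a `..` of inode zero read from a corrupted image, because "off into space" does not make that case obvious. The enclosing function starts and ends outside the hunk, so whether entries with `junkit` set can still leave an unverified `*parent` for later code is not visible here and is worth confirming.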