summaryrefslogtreecommitdiffstats
path: root/fs/xfs/libxfs/xfs_dir2.c
diff options
context:
space:
mode:
authorAmir Goldstein <amir73il@gmail.com>2017-01-17 20:41:41 +0100
committerDarrick J. Wong <darrick.wong@oracle.com>2017-01-17 20:41:41 +0100
commit3c6f46eacd876bd723a9bad3c6882714c052fd8e (patch)
tree4ea7023de1e62d8df75e5af72c0485d5ef61c175 /fs/xfs/libxfs/xfs_dir2.c
parentxfs: make the ASSERT() condition likely (diff)
downloadlinux-3c6f46eacd876bd723a9bad3c6882714c052fd8e.tar.xz
linux-3c6f46eacd876bd723a9bad3c6882714c052fd8e.zip
xfs: sanity check directory inode di_size
This changes fixes an assertion hit when fuzzing on-disk i_mode values. The easy case to fix is when changing an empty file i_mode to S_IFDIR. In this case, xfs_dinode_verify() detects an illegal zero size for directory and fails to load the inode structure from disk. For the case of non empty file whose i_mode is changed to S_IFDIR, the ASSERT() statement in xfs_dir2_isblock() is replaced with return -EFSCORRUPTED, to avoid interacting with corrupted jusk also when XFS_DEBUG is disabled. Suggested-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Amir Goldstein <amir73il@gmail.com> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Diffstat (limited to 'fs/xfs/libxfs/xfs_dir2.c')
-rw-r--r--fs/xfs/libxfs/xfs_dir2.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/xfs/libxfs/xfs_dir2.c b/fs/xfs/libxfs/xfs_dir2.c
index c58d72c220f5..4f7913f84b28 100644
--- a/fs/xfs/libxfs/xfs_dir2.c
+++ b/fs/xfs/libxfs/xfs_dir2.c
@@ -631,7 +631,8 @@ xfs_dir2_isblock(
if ((rval = xfs_bmap_last_offset(args->dp, &last, XFS_DATA_FORK)))
return rval;
rval = XFS_FSB_TO_B(args->dp->i_mount, last) == args->geo->blksize;
- ASSERT(rval == 0 || args->dp->i_d.di_size == args->geo->blksize);
+ if (rval != 0 && args->dp->i_d.di_size != args->geo->blksize)
+ return -EFSCORRUPTED;
*vp = rval;
return 0;
}