From: "Andries E. Brouwer" <[email protected]>
As it turns out, the kernel divides by EXT3_INODES_PER_GROUP(s) when
mounting an ext3 filesystem. If that number is zero, a crash follows.
Below a patch.
This crash was reported by Joeri de Ruiter, Carst Tankink and Pim Vullers.
Cc: <[email protected]>
Acked-by: Alan Cox <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---
fs/ext3/super.c | 2 +-
fs/ext4/super.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff -puN fs/ext3/super.c~ext3-ext4-avoid-divide-by-zero fs/ext3/super.c
--- a/fs/ext3/super.c~ext3-ext4-avoid-divide-by-zero
+++ a/fs/ext3/super.c
@@ -1676,7 +1676,7 @@ static int ext3_fill_super (struct super
sbi->s_blocks_per_group = le32_to_cpu(es->s_blocks_per_group);
sbi->s_frags_per_group = le32_to_cpu(es->s_frags_per_group);
sbi->s_inodes_per_group = le32_to_cpu(es->s_inodes_per_group);
- if (EXT3_INODE_SIZE(sb) == 0)
+ if (EXT3_INODE_SIZE(sb) == 0 || EXT3_INODES_PER_GROUP(sb) == 0)
goto cantfind_ext3;
sbi->s_inodes_per_block = blocksize / EXT3_INODE_SIZE(sb);
if (sbi->s_inodes_per_block == 0)
diff -puN fs/ext4/super.c~ext3-ext4-avoid-divide-by-zero fs/ext4/super.c
--- a/fs/ext4/super.c~ext3-ext4-avoid-divide-by-zero
+++ a/fs/ext4/super.c
@@ -1797,7 +1797,7 @@ static int ext4_fill_super (struct super
sbi->s_desc_size = EXT4_MIN_DESC_SIZE;
sbi->s_blocks_per_group = le32_to_cpu(es->s_blocks_per_group);
sbi->s_inodes_per_group = le32_to_cpu(es->s_inodes_per_group);
- if (EXT4_INODE_SIZE(sb) == 0)
+ if (EXT4_INODE_SIZE(sb) == 0 || EXT4_INODES_PER_GROUP(sb) == 0)
goto cantfind_ext4;
sbi->s_inodes_per_block = blocksize / EXT4_INODE_SIZE(sb);
if (sbi->s_inodes_per_block == 0)
_