2008-02-05 08:01:48

by Andreas Dilger

Subject: [PATCH] extra checking for in-inode EAs

When investigating the EA problem reported on this list, I noticed that some
of the checks for the in-inode EAs were removed (possibly when the unordered
EAs-in-inode patch was removed). The following patch returns the checks for
the e_value_offs. This passes "make check" with the Lustre EA test cases.

A more complete check (not implemented here) would be to ensure that
the EAs don't overlap as is done with the external EAs. Some extra
whitespace is removed in the first hunk.

Signed-off-by: Andreas Dilger <[email protected]>

--- e2fsck/pass1.c.orig 2008-02-04 10:41:50.000000000 -0700
+++ e2fsck/pass1.c 2008-02-04 17:36:34.000000000 -0700
@@ -268,14 +268,14 @@
/* scan all entry's headers first */

/* take finish entry 0UL into account */
- remain = storage_size - sizeof(__u32);
+ remain = storage_size - sizeof(__u32);

while (!EXT2_EXT_IS_LAST_ENTRY(entry)) {
__u32 hash;

/* header eats this space */
remain -= sizeof(struct ext2_ext_attr_entry);
-
+
/* is attribute name valid? */
if (EXT2_EXT_ATTR_SIZE(entry->e_name_len) > remain) {
pctx->num = entry->e_name_len;
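
Review bot: The two whitespace-only changes in this hunk (the `remain = storage_size - sizeof(__u32);` line and the blank line before the name-length check) are unrelated to the new value checks. Consider sending them as a separate cleanup patch so the functional change is easier to review, bisect and backport.
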
@@ -293,6 +293,21 @@
goto fix;
}

+ /* check value placement */
+ if (start + entry->e_value_offs > end) {
+ pctx->num = entry->e_value_offset;
+ problem = PR_1_ATTR_VALUE_OFFSET;
+ goto fix;
+ }
+
+ /* check value offset + size */
+ if (start + entry->e_value_offs +
+ EXT2_XATTR_SIZE(entry->e_value_size) > end) {
+ pctx->num = entry->e_value_size;
+ problem = PR_1_ATTR_VALUE_SIZE;
+ goto fix;
+ }
+
/* e_value_block must be 0 in inode's ea */
if (entry->e_value_block != 0) {
pctx->num = entry->e_value_block;
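
Review bot: In the first added check the condition reads `entry->e_value_offs` but the assignment is `pctx->num = entry->e_value_offset;`. The two names differ, so one of them is not the struct field; the assignment should use `e_value_offs` as the other added lines do. Separately, both conditions add on-disk values to `start` before comparing with `end`. If that arithmetic is done in 32 bits, a large `e_value_size` can wrap the sum and pass the test, so it is safer to compare `EXT2_XATTR_SIZE(entry->e_value_size)` against the space left once the offset check has passed.
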
@@ -310,7 +325,7 @@
goto fix;
}

- remain -= entry->e_value_size;
+ remain -= EXT2_XATTR_SIZE(entry->e_value_size);

entry = EXT2_EXT_ATTR_NEXT(entry);
}
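
Review bot: `remain -= EXT2_XATTR_SIZE(entry->e_value_size);` now subtracts the padded size, but the check that guards it sits above this hunk and is not changed here. If that check still compares the unpadded `e_value_size` with `remain`, a value whose padding crosses the limit takes `remain` past zero. Please confirm the guard uses the same `EXT2_XATTR_SIZE()` rounding, and note that the name check in the first hunk uses `EXT2_EXT_ATTR_SIZE()` while the new lines use `EXT2_XATTR_SIZE()`; a short comment on why the two differ would help.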

Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.
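
The message mentions an overlap check that is not implemented in the patch. The following added example, which is not part of the patch or of e2fsprogs, sketches that check together with wrap-safe forms of the offset and size checks. It assumes a simplified, hypothetical `struct ea_entry`, offsets relative to the start of the EA region (`region_len` standing for `end - start`), and values padded to 4 bytes.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified, hypothetical stand-in for an in-inode EA entry: only the
 * two fields the checks need. Not the e2fsprogs struct. */
struct ea_entry {
    uint32_t value_offs;  /* value offset from the start of the EA region */
    uint32_t value_size;  /* unpadded value length in bytes */
};

enum ea_status { EA_OK = 0, EA_BAD_OFFSET, EA_BAD_SIZE, EA_OVERLAP };

/* Assumption: a value occupies its size rounded up to 4 bytes.
 * Computed in 64 bits so a size near UINT32_MAX cannot wrap. */
static uint64_t padded(uint32_t size)
{
    return ((uint64_t)size + 3) & ~(uint64_t)3;
}

/* Validate n entries against an EA region of region_len bytes. */
enum ea_status check_ea_values(const struct ea_entry *e, size_t n,
                               uint32_t region_len)
{
    for (size_t i = 0; i < n; i++) {
        /* the offset must land inside the region */
        if (e[i].value_offs > region_len)
            return EA_BAD_OFFSET;
        /* compare the size with the space left, never offset + size */
        if (padded(e[i].value_size) > region_len - e[i].value_offs)
            return EA_BAD_SIZE;
        if (e[i].value_size == 0)
            continue;  /* empty values cannot overlap anything */
        uint64_t a0 = e[i].value_offs, a1 = a0 + padded(e[i].value_size);
        /* pairwise test against earlier entries, all already in range */
        for (size_t j = 0; j < i; j++) {
            uint64_t b0 = e[j].value_offs;
            uint64_t b1 = b0 + padded(e[j].value_size);
            if (e[j].value_size != 0 && a0 < b1 && b0 < a1)
                return EA_OVERLAP;
        }
    }
    return EA_OK;
}
```

The pairwise loop is quadratic, which is acceptable for the handful of entries that fit in an inode; it is a plain interval test, not the method used for external EA blocks.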