Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp1158385rdb; Fri, 1 Dec 2023 08:24:16 -0800 (PST) X-Google-Smtp-Source: AGHT+IGrNqGvfsGdMCYSlJjCT6hD9x6PDr3VdhlJdrdljeIF+n9CewIT1KJsZl5pVw66IKzRxNb7 X-Received: by 2002:a9d:6743:0:b0:6d8:543b:6cd with SMTP id w3-20020a9d6743000000b006d8543b06cdmr3452168otm.31.1701447856156; Fri, 01 Dec 2023 08:24:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701447856; cv=none; d=google.com; s=arc-20160816; b=Cinhl35Hq4OTxJjz8rtnT8KpJBy+xwnQYbxaLC2elXu+XQ2zdAvF0nn5KSFvCE/LSw ztjwQRSz88RGAzleEHUEqijTE5aOkRRBLw2aoRQz7cIBLXH710g028uvmOtjIhl4YJPo 5nIfC5nxa014picDRYLQrr5FJw5Cu9olMEPzdH8QFGTvWnwMpqg1QRyIttToAjOagZee z8gplaj9iKjgHabM9hJ7QZXAOx7dA041comCE2mR8KiACFqo6EmQwZqEZo8NmSSArDYq jHhVKuz910hBAQj6PAqkr0Ox1qymqnHM51/3DwMwdyCS/1qt894lYo9+GyeIHCO4CRUX SmBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=hls0dujWDEikL4ZVU/nQ1ZbhZC6RismT1qXQwdrdmNU=; fh=boYL9fKr7ClzcNLy3hnKz65xF98At6QMxDWdkJW3fB4=; b=GSX9yAE62z6t61b+S7GtdIoWG8smthcYkoT4DShdKr9XDHJtLlcBJ2YWmR+vgfy8X5 3XN5o4w01qomqjylMH5ZGVy2GJCOh2e/aE/eQb83O7uRPhmQTX4FD6iWye6yJG/fIYdR BHLPQQavLhXIsATB/7CHb35SCM2y/YASDgAPK1EE0LGo6AhgPRHd/p8JGYbqD23Zixhr GhSaXMQD6FMJJ/hJzGnHKJ+IjT1v5k2Vz53snVwom4a7w1HzGOo6wfazoXyVLPHicsUo 3k0bCNKOY/USl53BOArAAyVxuzVPA1Bmx6Tg6aoIZh1G9yextMbYsLjjfSuH6QM7k8KT dqwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W7pKC199; spf=pass (google.com: domain of linux-ext4+bounces-263-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-ext4+bounces-263-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id ex16-20020a05622a519000b004237e40023bsi4122765qtb.202.2023.12.01.08.24.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 08:24:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-ext4+bounces-263-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W7pKC199; spf=pass (google.com: domain of linux-ext4+bounces-263-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-ext4+bounces-263-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id DBA821C208A8 for ; Fri, 1 Dec 2023 16:24:15 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3EF944CDE2; Fri, 1 Dec 2023 16:24:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W7pKC199" X-Original-To: linux-ext4@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C89D4205E for ; Fri, 1 Dec 2023 16:24:11 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2E1F0C433C9; Fri, 1 Dec 2023 16:24:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1701447851; bh=H9s749sT4aGkk3fSh//sTwL4Q4UGTrw72hzytS2TO94=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=W7pKC199eNT/4KSDySOyOJO+u9omgjW97qbAxpzTn0BWqktW/TxSwOrytujYZraHC GNQk9RHCNkgj9s8H/iC2OJYc1qht3h+Z+AOAU2INAq/31CcTDPwrqd+xKAdbc3pUJl 7VDro91pNoQhY8u/Em5AGH7lxhCd551tUu8GJlOL+y2Rx9aTJg/x2y1zQ2RavAjqU4 Hx0bAwni1e1ahajyBccC1d9DKHdxBaS5uAeXdq1lnnYwIpMJpkyhgrf2M9iN/i5gtq g8OAZ3qXx8IJdlm33EHa8ULB9o6EY8JVgE68x4VGeZQM2TQtXZzz+cErccUo5R9Daw BZ5RIUYqLN7Dg== Date: Fri, 1 Dec 2023 08:24:10 -0800 From: "Darrick J. Wong" To: Brian Norris Cc: Theodore Ts'o , linux-ext4@vger.kernel.org Subject: Re: [PATCH] lib/ext2fs: Validity checks for ext2fs_inode_scan_goto_blockgroup() Message-ID: <20231201162410.GA36164@frogsfrogsfrogs> References: <20231201000126.335263-1-briannorris@chromium.org> Precedence: bulk X-Mailing-List: linux-ext4@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231201000126.335263-1-briannorris@chromium.org> On Thu, Nov 30, 2023 at 04:01:18PM -0800, Brian Norris wrote: > We don't validate the 'group' argument, so it's easy to get underflows > or crashes here. > > This resolves issues seen in ureadahead, when it uses an old packfile > (with mismatching group indices) with a new filesystem. Say what now? The boot time pre-caching thing Ubuntu used to have? https://manpages.ubuntu.com/manpages/trusty/man8/ureadahead.8.html --D > Signed-off-by: Brian Norris > --- > > lib/ext2fs/inode.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/lib/ext2fs/inode.c b/lib/ext2fs/inode.c > index 957d5aa9f9d6..96d854b5fb69 100644 > --- a/lib/ext2fs/inode.c > +++ b/lib/ext2fs/inode.c > @@ -313,6 +313,9 @@ static errcode_t get_next_blockgroup(ext2_inode_scan scan) > errcode_t ext2fs_inode_scan_goto_blockgroup(ext2_inode_scan scan, > int group) > { > + if (group <= 0 || group >= scan->fs->group_desc_count) > + return EXT2_ET_INVALID_ARGUMENT; > + > scan->current_group = group - 1; > scan->groups_left = scan->fs->group_desc_count - group; > scan->bad_block_ptr = 0; > -- > 2.43.0.rc2.451.g8631bc7472-goog > >