author | Kent Overstreet <kent.overstreet@linux.dev> | 2024-04-17 15:19:50 -0400 |
---|---|---|
committer | Kent Overstreet <kent.overstreet@linux.dev> | 2024-04-20 00:16:53 -0400 |
commit | fcdbc1d7a4b638e5d5668de461f320386f3002aa (patch) | |
tree | 48c7ec295107f215e3983ace40aea1b88b2a480c /fs/bcachefs/sb-clean.c | |
parent | 0389c09b2fb702ca7924ddf550ce0c8af708b8be (diff) | |
bcachefs: Check for journal entries overruning end of sb clean section
Fix a missing bounds check in superblock validation.
Note that we don't yet have repair code for this case - repair code for
individual items is generally low priority, since the whole superblock
is checksummed, validated prior to write, and we have backups.
Reported-by: lei lu <llfamsec@gmail.com>
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>
Diffstat (limited to 'fs/bcachefs/sb-clean.c')
-rw-r--r-- | fs/bcachefs/sb-clean.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/bcachefs/sb-clean.c b/fs/bcachefs/sb-clean.c
index 5980ba2563fe..35ca3f138de6 100644
--- a/fs/bcachefs/sb-clean.c
+++ b/fs/bcachefs/sb-clean.c
@@ -29,6 +29,14 @@ int bch2_sb_clean_validate_late(struct bch_fs *c, struct bch_sb_field_clean *cle
 for (entry = clean->start;
 entry < (struct jset_entry *) vstruct_end(&clean->field);
 entry = vstruct_next(entry)) {
+ if (vstruct_end(entry) > vstruct_end(&clean->field)) {
+ bch_err(c, "journal entry (u64s %u) overran end of superblock clean section (u64s %u) by %zu",
+ le16_to_cpu(entry->u64s), le32_to_cpu(clean->field.u64s),
+ (u64 *) vstruct_end(entry) - (u64 *) vstruct_end(&clean->field));
+ bch2_sb_error_count(c, BCH_FSCK_ERR_sb_clean_entry_overrun);
+ return -BCH_ERR_fsck_repair_unimplemented;
+ }
+
 ret = bch2_journal_entry_validate(c, NULL, entry,
 le16_to_cpu(c->disk_sb.sb->version),
 BCH_SB_BIG_ENDIAN(c->disk_sb.sb),
|
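Review bot: The overrun distance passed to `bch_err` is a pointer difference (`ptrdiff_t`), but the format string prints it with `%zu`, which expects `size_t`; on targets where the two have different underlying types this trips format checking. Use `%td` for that argument, or cast it explicitly to the type the specifier names. The value is known to be positive there because of the enclosing `vstruct_end(entry) > vstruct_end(&clean->field)` test, so this is a type-correctness fix and not a logic change. A one-line comment above the new check, such as `/* entry->u64s comes from the on-disk superblock: bound the entry before it is handed to validation */`, would also record why the check has to stay ahead of `bch2_journal_entry_validate()`. The body of `bch2_sb_clean_validate_late` starts and ends outside this hunk.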