A deliberately corrupted filesystem with an insanely large s_first_ino field could cause e2fsck to crash with a seg fault. Thanks to Eric Sesterhenn for supplying test cases which demonstrated this issue. Signed-off-by: "Theodore Ts'o" <tytso@xxxxxxx> --- e2fsck/super.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/e2fsck/super.c b/e2fsck/super.c index cd2b9f0..24ec7a8 100644 --- a/e2fsck/super.c +++ b/e2fsck/super.c @@ -513,6 +513,10 @@ void check_super_block(e2fsck_t ctx) check_super_value(ctx, "reserved_gdt_blocks", sb->s_reserved_gdt_blocks, MAX_CHECK, 0, fs->blocksize/4); + if (sb->s_rev_level > EXT2_GOOD_OLD_REV) + check_super_value(ctx, "first_ino", sb->s_first_ino, + MIN_CHECK | MAX_CHECK, + EXT2_GOOD_OLD_FIRST_INO, sb->s_inodes_count); inode_size = EXT2_INODE_SIZE(sb); check_super_value(ctx, "inode_size", inode_size, MIN_CHECK | MAX_CHECK, -- 1.6.0.4.8.g36f27.dirty
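Review bot: The upper bound passed in the new first_ino check, `sb->s_inodes_count`, is read from the same untrusted superblock as `sb->s_first_ino`, and the visible context (the reserved_gdt_blocks check before it, the inode_size check after it) does not show s_inodes_count being range-checked before this call. Please confirm that s_inodes_count is validated earlier in check_super_block(), otherwise a corrupted image can raise both fields together and the MAX_CHECK bounds nothing. It would also help to add a short comment above the `if (sb->s_rev_level > EXT2_GOOD_OLD_REV)` test saying why the check is skipped for revision 0 filesystems. The diffstat touches only e2fsck/super.c, so consider adding one of the test images mentioned in the commit message as a regression test. Style: the `if` body spans four lines, so braces around the check_super_value() call would make it easier to read.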