On Fri, Feb 28, 2020 at 05:48:41PM -0800, Darrick J. Wong wrote: > From: Darrick J. Wong <darrick.wong@xxxxxxxxxx> > > Fix two problems in the dir3 free block read routine when we want to > reject a corrupt free block. First, buffers should never have DONE set > at the same time that b_error is EFSCORRUPTED. Second, don't leak a > pointer back to the caller. > > Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> > --- > fs/xfs/libxfs/xfs_dir2_node.c | 2 ++ > 1 file changed, 2 insertions(+) > > > diff --git a/fs/xfs/libxfs/xfs_dir2_node.c b/fs/xfs/libxfs/xfs_dir2_node.c > index a0cc5e240306..f622ede7119e 100644 > --- a/fs/xfs/libxfs/xfs_dir2_node.c > +++ b/fs/xfs/libxfs/xfs_dir2_node.c > @@ -227,7 +227,9 @@ __xfs_dir3_free_read( > fa = xfs_dir3_free_header_check(dp, fbno, *bpp); > if (fa) { > xfs_verifier_error(*bpp, -EFSCORRUPTED, fa); Now that I've had time to think about this further, I conclude that this call ought to be xfs_buf_corruption_error() since we created that function to handle exactly this sort of thing... > + (*bpp)->b_flags &= ~XBF_DONE; ...and then we don't need this piece. > xfs_trans_brelse(tp, *bpp); > + *bpp = NULL; But we still need this because xfs_trans_brelse could have nuked *bpp and we should never pass a (potentially stale and now reused) pointer up to a caller, even if we are about to return an error code. --D > return -EFSCORRUPTED; > } > >
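Review bot: the added "(*bpp)->b_flags &= ~XBF_DONE;" line, placed right after xfs_verifier_error(), open-codes buffer flag handling in the directory code with no comment explaining why DONE must not stay set while b_error is EFSCORRUPTED. As the inline reply proposes, replacing the xfs_verifier_error() call with xfs_buf_corruption_error() would make that line unnecessary; if the line stays, it needs a one-line comment giving the reason from the commit message. The "*bpp = NULL;" after xfs_trans_brelse(tp, *bpp) should be kept in either version, and a short comment there noting that the buffer may be gone once it is released would keep a later cleanup from dropping the assignment as redundant ahead of "return -EFSCORRUPTED;".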