From: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
If reading the root block of an extended attribute structure fails due
to a corruption error, we should junk the block since we know it's bad.
There's no point in moving on to the (rather insufficient) checks in the
attr code.
Found by fuzzing hdr.freemap[1].base = ones in xfs/400.
Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
---
repair/attr_repair.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/repair/attr_repair.c b/repair/attr_repair.c
index 6cec0f7075d5..d92909e1c831 100644
--- a/repair/attr_repair.c
+++ b/repair/attr_repair.c
@@ -1107,6 +1107,15 @@ process_longform_attr(
ino);
return 1;
}
+
+ if (bp->b_error == -EFSCORRUPTED) {
+ do_warn(
+ _("corrupt block 0 of inode %" PRIu64 " attribute fork\n"),
+ ino);
+ libxfs_buf_relse(bp);
+ return 1;
+ }
+
if (bp->b_error == -EFSBADCRC)
(*repair)++;
