On 2024/9/27 0:29, Eric Sandeen wrote:
On 9/26/24 11:04 AM, Eric Sandeen wrote:Can you explain what the 2 cases under /* Avoid allocating large 'groups' array if not needed */ are doing? I *think* the first 'if' is trying not to over-allocate for the last batch of block groups that get added during a resize. What is the "else if" case doing?(or maybe I had that backwards) Incidentally, the offending commit that this fixes (665d3e0af4d35ac) got turned into CVE-2023-52622, so it's quite likely that distros have backported the broken commit as part of the CVE game.
The commit to fix CVE-2023-52622 is commit 5d1935ac02ca5a
("ext4: avoid online resizing failures due to oversized flex bg").
This commit does not address the off by one issue above.
So the followup fix looks a bit urgent to me. -Eric
Okay, I'll send out the fix patch today. Regards, Baokun .
