diff mbox

[v2,09/11] xfs_repair: actually fix .. entries that point to inode zero

Message ID 20180508163124.GM11261@magnolia (mailing list archive)
State Accepted, archived
Headers show

Commit Message

Darrick J. Wong May 8, 2018, 4:31 p.m. UTC 
From: Darrick J. Wong <darrick.wong@oracle.com>

If we encounter a directory with an entry that points to inode zero,
we'll crash due to an ASSERT during process_inode_chunk.  This is due to
process_dir2_data not arranging for phase 6 to fix the parent pointer
when '..' -> 0, so do that.  Found via xfs/386 fuzzing bu[1].inumber to
zero.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
---
 libxfs/libxfs_api_defs.h |    1 +
 repair/dir2.c            |   17 +++++++++++++++++
 2 files changed, 18 insertions(+)

--
To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/libxfs/libxfs_api_defs.h b/libxfs/libxfs_api_defs.h
index d588f342..56f9f8ca 100644
--- a/libxfs/libxfs_api_defs.h
+++ b/libxfs/libxfs_api_defs.h
@@ -78,6 +78,7 @@ 
 #define xfs_bmbt_get_all		libxfs_bmbt_get_all
 #define xfs_rtfree_extent		libxfs_rtfree_extent
 #define xfs_verify_rtbno		libxfs_verify_rtbno
+#define xfs_verify_ino			libxfs_verify_ino
 #define xfs_zero_extent			libxfs_zero_extent
 
 #define xfs_defer_init			libxfs_defer_init
diff --git a/repair/dir2.c b/repair/dir2.c
index fbe88b50..f0371371 100644
--- a/repair/dir2.c
+++ b/repair/dir2.c
@@ -847,6 +847,23 @@  _("bad .. entry in root directory inode %" PRIu64 ", was %" PRIu64 ": "),
 					}
 					*parent = ino;
 				}
+				/*
+				 * Make sure our parent pointer doesn't point
+				 * off into space.
+				 */
+				if (!junkit &&
+				    *parent != NULLFSINO &&
+				    !libxfs_verify_ino(mp, *parent)) {
+					do_warn(
+_("bad .. entry in directory inode %" PRIu64 ", was %" PRIu64 ": "),
+						ino, *parent);
+					if (!no_modify) {
+						do_warn(_("correcting\n"));
+					} else {
+						do_warn(_("would correct\n"));
+					}
+					*parent = NULLFSINO;
+				}
 			}
 			/*
 			 * Can't fix the directory unless we know which ..