| commit | 5e9ba85c2694926eb784531d81ba107200cf1a51 | |
| author | Theodore Ts'o <tytso@mit.edu> | |
| Wed, 11 Jul 2007 17:42:43 +0000 (11 13:42 -0400) | ||
| committer | Theodore Ts'o <tytso@mit.edu> | |
| Wed, 11 Jul 2007 17:42:43 +0000 (11 13:42 -0400) | ||
| tree | 3950b69d1462d039fb7a566b2f4fbd7ad856cfcc | treesnapshot (tar.gz zip) |
| parent | d46ce70486315c75936859afbf5d13e2fcdae0d9 | commitdiff |
Fix e2fsck segfault on very badly damaged filesystems
A recent change to e2fsck_add_dir_info() to use tdb files to check
filesystems with a very large number of filesystems had a typo which
caused us to resize the wrong data structure. This would cause a
array overrun leading to malloc pointer corruptions. Since we
normally can very accurately predict how big the the dirinfo array
needs to be, this bug only got triggered on very badly corrupted
filesystems.
Thanks to Andreas Dilger for submitting the test case which discovered
this problem, and to Kalpak Shah for writing a random testing script
which created the test case.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
A recent change to e2fsck_add_dir_info() to use tdb files to check
filesystems with a very large number of filesystems had a typo which
caused us to resize the wrong data structure. This would cause a
array overrun leading to malloc pointer corruptions. Since we
normally can very accurately predict how big the the dirinfo array
needs to be, this bug only got triggered on very badly corrupted
filesystems.
Thanks to Andreas Dilger for submitting the test case which discovered
this problem, and to Kalpak Shah for writing a random testing script
which created the test case.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
| e2fsck/dirinfo.c | diffblobblamehistory |