1 ext4: always check ext4_ext_find_extent result
3 From: Dmitry Monakhov <dmonakhov@openvz.org>
5 Where are some places where logic guaranties us that extent we are
6 searching exits, but this may not be true due to on-disk data
7 corruption. If such corruption happens we must prevent possible
8 null pointer dereferences.
10 Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
11 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 fs/ext4/extents.c | 17 +++++++++++++++++
14 1 file changed, 17 insertions(+)
16 diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
17 index 38be063..64b4003 100644
18 --- a/fs/ext4/extents.c
19 +++ b/fs/ext4/extents.c
20 @@ -3313,6 +3313,11 @@ static int ext4_split_extent(handle_t *handle,
22 depth = ext_depth(inode);
23 ex = path[depth].p_ext;
25 + EXT4_ERROR_INODE(inode, "unexpected hole at %lu",
26 + (unsigned long) map->m_lblk);
29 uninitialized = ext4_ext_is_uninitialized(ex);
32 @@ -3694,6 +3699,12 @@ static int ext4_convert_initialized_extents(handle_t *handle,
34 depth = ext_depth(inode);
35 ex = path[depth].p_ext;
37 + EXT4_ERROR_INODE(inode, "unexpected hole at %lu",
38 + (unsigned long) map->m_lblk);
44 err = ext4_ext_get_access(handle, inode, path + depth);
45 @@ -5340,6 +5351,12 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle,
47 depth = path->p_depth;
48 extent = path[depth].p_ext;
50 + EXT4_ERROR_INODE(inode, "unexpected hole at %lu",
51 + (unsigned long) start);
55 current_block = le32_to_cpu(extent->ee_block);
56 if (start > current_block) {
57 /* Hole, move to the next extent */