git://git.whamcloud.com - tools/e2fsprogs.git/commit

author	Andreas Dilger <adilger@whamcloud.com>
	Tue, 4 Feb 2020 22:35:01 +0000 (15:35 -0700)
committer	Andreas Dilger <adilger@whamcloud.com>
	Fri, 22 May 2020 06:45:48 +0000 (06:45 +0000)
commit	8051687bc488a00fb3e17554064c308add13cbcf
tree	36492e3efca2fc0079766da0400d4ecc45494cdb	tree \| snapshot
parent	77bccf803dea6cb9a69cfd334619c7552143f3cf	commit \| diff

LU-13197 e2fsck: avoid overflow with very large dirs

In alloc_size_dir() it multiples signed ints when allocating the
buffer for rehashing an htree-indexed directory. This will overflow
when the directory size is above 4GB, which is possible with largedir
directories having about 100M entries, assuming an average 3/4 leaf
fullness and 24-byte filenames, or fewer with longer filenames.
The same problem exisgs in get_next_block().

Similarly, the out_dir struct used a signed int for the number of
blocks in the directory, which may result in a negative size if the
directory is over 2GB (about 50M entries or fewer).

Use appropriate unsigned variables for block counts, and use larger
types for calculating the byte count for memory offsets/sizes.

Such large directories not been seen yet, but are not too far away.
The ext2fs_get_array() function will properly calculate the needed
memory allocation, and detect overflow on 32-bit systems.
Add ext2fs_resize_array() to do the same for array resize.

Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Change-Id: I9382ebfa7491055b0bac4c676ae85cbed63ebbe5
Reviewed-on: https://review.whamcloud.com/37437
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Wang Shilong <wshilong@ddn.com>
Reviewed-by: Li Dongyang <dongyangli@ddn.com>

e2fsck/e2fsck.h		diff \| blob \| history
e2fsck/pass2.c		diff \| blob \| history
e2fsck/rehash.c		diff \| blob \| history
lib/ext2fs/ext2fs.h		diff \| blob \| history