resize2fs: Fix fix uninit group test accessing invalid memory

Commit 74128f8 added tests for uninit groups, but it could access past
the end of the group_desc[] array after processing the last group:

==19668== Invalid read of size 2
==19668==    at 0x40518C: resize_fs (resize2fs.c:1824)
==19668==    by 0x405A46: main (main.c:451)
==19668==  Address 0x5a0d002 is not stack'd, malloc'd or (recently) free'd
==19668==
==19668== Invalid read of size 2
==19668==    at 0x405391: resize_fs (resize2fs.c:1864)
==19668==    by 0x405A46: main (main.c:451)
==19668==  Address 0x5a0d002 is not stack'd, malloc'd or (recently) free'd
==19668==

It was found by Eric Sandeen running the regression suite through
valgrind.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>

diff --git a/resize/resize2fs.c b/resize/resize2fs.c
index 75c4721..346fd53 100644 (file)
--- a/resize/resize2fs.c
+++ b/resize/resize2fs.c
@@ -1819,6 +1819,8 @@ static errcode_t ext2fs_calculate_summary_stats(ext2_filsys fs)
                                group_free;
                        ext2fs_group_desc_csum_set(fs, group);
                        group++;
+                       if (group >= fs->group_desc_count)
+                               break;
                        count = 0;
                        group_free = 0;
                        uninit = (fs->group_desc[group].bg_flags &
@@ -1859,6 +1861,8 @@ static errcode_t ext2fs_calculate_summary_stats(ext2_filsys fs)
                                group_free;
                        ext2fs_group_desc_csum_set(fs, group);
                        group++;
+                       if (group >= fs->group_desc_count)
+                               break;
                        count = 0;
                        group_free = 0;
                        uninit = (fs->group_desc[group].bg_flags &