From 28dce1ed0e7ff6cb89024d754570b954c329f2f6 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o Date: Sat, 13 Aug 2022 16:39:17 -0400 Subject: [PATCH] libext2fs: avoid looping forever in e2image when superblock is invalid If the number of blocks or inodes per block group is not a multiple of 8 (which are invalid values) ext2fs_image_bitmap{read,write} can loop forever. These file systems should not be allowed to be opened (without EXT2_FLAG_IGNORE_SB_ERRORS) but for the fact that a long time ago, Android devices used a buggy (but BSD-licensed, which was what was important to the early Android founders) program for creating file systems which would create these invalid file systems. E2fsck couldn't actually correctly repair these file systems, but adding a check to enforce this (in e2fsprogs and in the kernel) would have broken some of these devices, so support for these bogus file systems was in a grey area for many years. We will be tightening this up soon, but for now, we'll apply this quick fix so attempts to use e2image won't hang forever. (Not that Android ever shipped e2image in those days, of course...) Signed-off-by: Theodore Ts'o --- lib/ext2fs/imager.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/ext2fs/imager.c b/lib/ext2fs/imager.c index 6f8582a..23290a6 100644 --- a/lib/ext2fs/imager.c +++ b/lib/ext2fs/imager.c @@ -372,6 +372,8 @@ errcode_t ext2fs_image_bitmap_write(ext2_filsys fs, int fd, int flags) size = sizeof(buf); if (size > (cnt >> 3)) size = (cnt >> 3); + if (size == 0) + break; retval = ext2fs_get_generic_bmap_range(bmap, itr, size << 3, buf); @@ -447,6 +449,8 @@ errcode_t ext2fs_image_bitmap_read(ext2_filsys fs, int fd, int flags) size = sizeof(buf); if (size > (cnt >> 3)) size = (cnt >> 3); + if (size == 0) + break; actual = read(fd, buf, size); if (actual == -1) -- 1.8.3.1
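
Review bot: In the ext2fs_image_bitmap_write hunk (@@ -372), the new `if (size == 0) break;` exits the loop while `cnt` can still be between 1 and 7, so the trailing bits of a bitmap whose length is not a multiple of 8 are never passed to ext2fs_get_generic_bmap_range() and never reach the image. Nothing in the visible lines sets an error before the break, so whatever `retval` holds at that point is what the caller sees, and a truncated bitmap may be reported the same way as a complete one. Since the commit message already calls these values invalid, consider setting `retval` to an explicit error code before breaking, or at minimum add a comment on the check stating that `cnt >> 3` reaches zero only for a bits-per-group count that is not a multiple of 8 and that the remainder is intentionally dropped.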
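
Review bot: In the ext2fs_image_bitmap_read hunk (@@ -447), the same uncommented `if (size == 0) break;` is placed ahead of `read(fd, buf, size)`, and it is only correct as long as the write side stops at exactly the same point, which the code does not state anywhere. A short comment tying the two checks together would keep a later change to one path from desynchronizing the image format for these file systems. It is also worth documenting here that the final `cnt` bits (fewer than 8) of the in-memory bitmap are left as they were rather than loaded from the image, because a caller reading an image from an untrusted source has no signal from this loop that the bitmap it got back is incomplete.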