If a long symbolic link target is written into an external block
without a NUL terminator, its length is decided by the inode's size.
Make symlink check add a NUL termination in such cases if needed.
Such faulty symlinks were generated by osd-ldiskfs on the MDS until
Lustre 2.1.3 and Lustre 2.3. The in-kernel code would handle such
unterminated symlinks correctly, since it used the inode size to
determine the symlink length, but e2fsck would assume the symlink
is broken if there wasn't a trailing NUL.
LU-2627 e2fsck: check_symlink() SIGSEGV
Since e2fsck_pass1_check_symlink() calls into check_symlink()
with pctx == NULL, we should use 'ino' instead of 'pctx->ino'
in check_symlink().
Signed-off-by: Bobi Jam <bobijam.xu@intel.com>
Change-Id: If9c16f96d0655d5a886ef607f1f47ced6176f8d8
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Change-Id: I4419b30f1adb4a7d273796a936427aa351510213
extern void e2fsck_use_inode_shortcuts(e2fsck_t ctx, int use_shortcuts);
extern int e2fsck_pass1_check_device_inode(ext2_filsys fs,
struct ext2_inode *inode);
extern void e2fsck_use_inode_shortcuts(e2fsck_t ctx, int use_shortcuts);
extern int e2fsck_pass1_check_device_inode(ext2_filsys fs,
struct ext2_inode *inode);
-extern int e2fsck_pass1_check_symlink(ext2_filsys fs, ext2_ino_t ino,
+extern int e2fsck_pass1_check_symlink(e2fsck_t ctx, ext2_ino_t ino,
struct ext2_inode *inode, char *buf);
extern void e2fsck_clear_inode(e2fsck_t ctx, ext2_ino_t ino,
struct ext2_inode *inode, int restart_flag,
struct ext2_inode *inode, char *buf);
extern void e2fsck_clear_inode(e2fsck_t ctx, ext2_ino_t ino,
struct ext2_inode *inode, int restart_flag,
* Check to make sure a symlink inode is real. Returns 1 if the symlink
* checks out, 0 if not.
*/
* Check to make sure a symlink inode is real. Returns 1 if the symlink
* checks out, 0 if not.
*/
-int e2fsck_pass1_check_symlink(ext2_filsys fs, ext2_ino_t ino,
- struct ext2_inode *inode, char *buf)
+static int check_symlink(e2fsck_t ctx, struct problem_context *pctx,
+ ext2_ino_t ino, struct ext2_inode *inode, char *buf)
- unsigned int len;
- int i;
- blk64_t blocks;
- ext2_extent_handle_t handle;
- struct ext2_extent_info info;
- struct ext2fs_extent extent;
+ blk64_t block, num_blocks;
+ unsigned len, limit;
if ((inode->i_size_high || inode->i_size == 0) ||
(inode->i_flags & EXT2_INDEX_FL))
return 0;
if ((inode->i_size_high || inode->i_size == 0) ||
(inode->i_flags & EXT2_INDEX_FL))
return 0;
- if (inode->i_flags & EXT4_EXTENTS_FL) {
- if (inode->i_size > fs->blocksize)
+ num_blocks = ext2fs_inode_data_blocks2(ctx->fs, inode);
+ if (inode->i_flags & EXT4_EXTENTS_FL) { /* in extent-mapped block */
+ struct ext2_extent_info info;
+ ext2_extent_handle_t handle;
+ struct ext2fs_extent extent;
+
+ if (inode->i_size > ctx->fs->blocksize)
- if (ext2fs_extent_open2(fs, ino, inode, &handle))
+ if (ext2fs_extent_open2(ctx->fs, ino, inode, &handle))
if (ext2fs_extent_get_info(handle, &info) ||
(info.num_entries != 1) ||
if (ext2fs_extent_get_info(handle, &info) ||
(info.num_entries != 1) ||
- (info.max_depth != 0))
- goto exit_extent;
- if (ext2fs_extent_get(handle, EXT2_EXTENT_ROOT, &extent) ||
+ (info.max_depth != 0) ||
+
+ ext2fs_extent_get(handle, EXT2_EXTENT_ROOT, &extent) ||
- (extent.e_len != 1) ||
- (extent.e_pblk < fs->super->s_first_data_block) ||
- (extent.e_pblk >= ext2fs_blocks_count(fs->super)))
- goto exit_extent;
- i = 1;
- exit_extent:
+ (extent.e_len != 1)) {
+ ext2fs_extent_free(handle);
+ return 0;
+ }
+
+ block = extent.e_pblk;
+ limit = ctx->fs->blocksize;
+
ext2fs_extent_free(handle);
ext2fs_extent_free(handle);
+ } else if (num_blocks > 0) { /* in block-mapped block */
+ int i;
- blocks = ext2fs_inode_data_blocks2(fs, inode);
- if (blocks) {
- if ((inode->i_size >= fs->blocksize) ||
- (blocks != fs->blocksize >> 9) ||
- (inode->i_block[0] < fs->super->s_first_data_block) ||
- (inode->i_block[0] >= ext2fs_blocks_count(fs->super)))
- return 0;
+ block = inode->i_block[0];
+ limit = ctx->fs->blocksize;
for (i = 1; i < EXT2_N_BLOCKS; i++)
if (inode->i_block[i])
return 0;
for (i = 1; i < EXT2_N_BLOCKS; i++)
if (inode->i_block[i])
return 0;
+ } else { /* inside inode i_block[] */
+ block = 0;
+ limit = sizeof(inode->i_block);
+ }
- if (io_channel_read_blk64(fs->io, inode->i_block[0], 1, buf))
+ if (inode->i_size >= limit)
+ return 0;
+
+ if (num_blocks) {
+ if ((num_blocks != ctx->fs->blocksize >> 9) || /* == 1 block */
+ (block < ctx->fs->super->s_first_data_block) ||
+ (block >= ext2fs_blocks_count(ctx->fs->super)))
- len = strnlen(buf, fs->blocksize);
- if (len == fs->blocksize)
+ if (io_channel_read_blk64(ctx->fs->io, block, 1, buf))
- if (inode->i_size >= sizeof(inode->i_block))
- return 0;
+ buf = (char *)inode->i_block;
+ }
- len = strnlen((char *)inode->i_block, sizeof(inode->i_block));
- if (len == sizeof(inode->i_block))
- return 0;
+ len = strnlen(buf, limit);
+ /* Add missing NUL terminator at end of symlink (LU-1540),
+ * but only offer to fix this in pass1, not from pass2. */
+ if (len > inode->i_size && pctx != NULL &&
+ fix_problem(ctx, PR_1_SYMLINK_NUL, pctx)) {
+ buf[inode->i_size] = '\0';
+ if (num_blocks != 0) {
+ if (io_channel_write_blk64(ctx->fs->io, block, 1, buf))
+ return 0;
+ } else {
+ e2fsck_write_inode(ctx, ino, inode, "check_ext_attr");
+ }
+ len = inode->i_size;
}
if (len != inode->i_size)
return 0;
}
if (len != inode->i_size)
return 0;
+int e2fsck_pass1_check_symlink(e2fsck_t ctx, ext2_ino_t ino,
+ struct ext2_inode *inode, char *buf)
+{
+ return check_symlink(ctx, NULL, ino, inode, buf);
+}
+
/*
* If the immutable (or append-only) flag is set on the inode, offer
* to clear it.
/*
* If the immutable (or append-only) flag is set on the inode, offer
* to clear it.
check_size(ctx, &pctx);
ctx->fs_blockdev_count++;
} else if (LINUX_S_ISLNK (inode->i_mode) &&
check_size(ctx, &pctx);
ctx->fs_blockdev_count++;
} else if (LINUX_S_ISLNK (inode->i_mode) &&
- e2fsck_pass1_check_symlink(fs, ino, inode,
- block_buf)) {
+ check_symlink(ctx, &pctx, ino, inode, block_buf)) {
check_immutable(ctx, &pctx);
ctx->fs_symlinks_count++;
if (ext2fs_inode_data_blocks(fs, inode) == 0) {
check_immutable(ctx, &pctx);
ctx->fs_symlinks_count++;
if (ext2fs_inode_data_blocks(fs, inode) == 0) {
else if (LINUX_S_ISSOCK(inode.i_mode)
&& !e2fsck_pass1_check_device_inode(fs, &inode))
problem = PR_2_BAD_SOCKET;
else if (LINUX_S_ISSOCK(inode.i_mode)
&& !e2fsck_pass1_check_device_inode(fs, &inode))
problem = PR_2_BAD_SOCKET;
- else if (LINUX_S_ISLNK(inode.i_mode)
- && !e2fsck_pass1_check_symlink(fs, ino, &inode, buf)) {
+ else if (LINUX_S_ISLNK(inode.i_mode) &&
+ !e2fsck_pass1_check_symlink(ctx, ino, &inode, buf)) {
problem = PR_2_INVALID_SYMLINK;
}
problem = PR_2_INVALID_SYMLINK;
}
N_("@a in @i %i is corrupt (@n value)."),
PROMPT_CLEAR, 0},
N_("@a in @i %i is corrupt (@n value)."),
PROMPT_CLEAR, 0},
+ /* Bad extended attribute value in inode */
+ { PR_1_SYMLINK_NUL,
+ N_("@i %i symlink missing NUL terminator. "),
+ PROMPT_FIX, 0},
+
/* expand inode */
{ PR_1_EXPAND_EISIZE_WARNING,
N_("\ne2fsck is being run with \"expand_extra_isize\" option or\n"
/* expand inode */
{ PR_1_EXPAND_EISIZE_WARNING,
N_("\ne2fsck is being run with \"expand_extra_isize\" option or\n"
/* Bad extended attribute value in inode */
#define PR_1_INODE_EA_BAD_VALUE 0x010080
/* Bad extended attribute value in inode */
#define PR_1_INODE_EA_BAD_VALUE 0x010080
+/* Symlink missing NUL terminator */
+#define PR_1_SYMLINK_NUL 0x010081
+
/* Warning for user that all inodes need to be expanded atleast by
* s_min_extra_isize
*/
/* Warning for user that all inodes need to be expanded atleast by
* s_min_extra_isize
*/
Pass 1: Checking inodes, blocks, and sizes
Pass 1: Checking inodes, blocks, and sizes
+Inode 13 symlink missing NUL terminator. Fix? yes
+
+Inode 14 symlink missing NUL terminator. Fix? yes
+
Special (device/socket/fifo/symlink) file (inode 18) has immutable
or append-only flag set. Clear? yes
Special (device/socket/fifo/symlink) file (inode 18) has immutable
or append-only flag set. Clear? yes
Symlink /empty_link (inode #17) is invalid.
Clear? yes
Symlink /empty_link (inode #17) is invalid.
Clear? yes
-Symlink /long_fastlink (inode #13) is invalid.
-Clear? yes
-
-Symlink /long_link (inode #14) is invalid.
-Clear? yes
-
Symlink /high_fastlink (inode #15) is invalid.
Clear? yes
Symlink /high_fastlink (inode #15) is invalid.
Clear? yes
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
-Free blocks count wrong for group #0 (1000, counted=1001).
+Free blocks count wrong for group #0 (999, counted=1000).
-Free blocks count wrong (1000, counted=1001).
+Free blocks count wrong (999, counted=1000).
Fix? yes
test_filesys: ***** FILE SYSTEM WAS MODIFIED *****
Fix? yes
test_filesys: ***** FILE SYSTEM WAS MODIFIED *****
-test_filesys: 13/32 files (7.7% non-contiguous), 23/1024 blocks
+test_filesys: 15/32 files (6.7% non-contiguous), 24/1024 blocks
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
-test_filesys: 13/32 files (0.0% non-contiguous), 23/1024 blocks
+test_filesys: 15/32 files (0.0% non-contiguous), 24/1024 blocks