git.itanic.dy.fi Git - linux-stable/commit

author	Amir Goldstein <amir73il@gmail.com>
	Thu, 2 Feb 2017 07:55:59 +0000 (08:55 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 4 Feb 2017 08:47:11 +0000 (09:47 +0100)
commit	e5325fcf70b1cd2c45503b854fde3f1bd44216da
tree	bf257857d39f5a0b6ba3fd11cdbc17e7d0ec7cbe	tree \| snapshot
parent	624e54b5aff15c6d49974f404c5cef5ce7f89cd0	commit \| diff

xfs: sanity check directory inode di_size

commit 3c6f46eacd876bd723a9bad3c6882714c052fd8e upstream.

This changes fixes an assertion hit when fuzzing on-disk
i_mode values.

The easy case to fix is when changing an empty file
i_mode to S_IFDIR. In this case, xfs_dinode_verify()
detects an illegal zero size for directory and fails
to load the inode structure from disk.

For the case of non empty file whose i_mode is changed
to S_IFDIR, the ASSERT() statement in xfs_dir2_isblock()
is replaced with return -EFSCORRUPTED, to avoid interacting
with corrupted jusk also when XFS_DEBUG is disabled.

Suggested-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/xfs/libxfs/xfs_dir2.c		diff \| blob \| history
fs/xfs/libxfs/xfs_inode_buf.c		diff \| blob \| history