diff options
| author | Kirk McKusick <mckusick@FreeBSD.org> | 2023-05-28 22:23:16 +0000 |
|---|---|---|
| committer | Kirk McKusick <mckusick@FreeBSD.org> | 2023-05-28 22:23:37 +0000 |
| commit | b796bfce48698449470b751de6b0d96ae7047202 (patch) | |
| tree | 1b9fffd60180f709476078c799c861267552838a /sbin/fsck_ffs | |
| parent | 9ed4ec4ae34a9ecab0471f1dbf392729155d7411 (diff) | |
| download | src-b796bfce48698449470b751de6b0d96ae7047202.tar.gz src-b796bfce48698449470b751de6b0d96ae7047202.zip | |
Fix a bug in fsck_ffs(8) triggered by corrupted filesystems.
Check for valid block numbers while loading journal entries that
contain block numbers. If an invalid block number is found, fall
back to full fsck.
Reported-by: Robert Morris
PR: 271383
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Diffstat (limited to 'sbin/fsck_ffs')
| -rw-r--r-- | sbin/fsck_ffs/suj.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sbin/fsck_ffs/suj.c b/sbin/fsck_ffs/suj.c index d51e0ff4d83b..c86d6b711635 100644 --- a/sbin/fsck_ffs/suj.c +++ b/sbin/fsck_ffs/suj.c @@ -736,7 +736,7 @@ indir_visit(ino_t ino, ufs_lbn_t lbn, ufs2_daddr_t blk, uint64_t *frags, lbnadd *= NINDIR(fs); bp = getdatablk(blk, fs->fs_bsize, BT_LEVEL1 + level); if (bp->b_errs != 0) - err_suj("indir_visit: UNRECOVERABLE I/O ERROR"); + err_suj("indir_visit: UNRECOVERABLE I/O ERROR\n"); for (i = 0; i < NINDIR(fs); i++) { if ((nblk = IBLK(bp, i)) == 0) continue; @@ -1918,6 +1918,9 @@ blk_build(struct jblkrec *blkrec) blk = blknum(fs, blkrec->jb_blkno); frag = fragnum(fs, blkrec->jb_blkno); + if (blkrec->jb_blkno < 0 || blk + fs->fs_frag - frag > fs->fs_size) + err_suj("Out-of-bounds journal block number %jd\n", + blkrec->jb_blkno); sblk = blk_lookup(blk, 1); /* * Rewrite the record using oldfrags to indicate the offset into |