Re: [PATCH 1/9] e2fsck: fix e2fsck_allocate_memory() overflow
From: "Theodore Y. Ts'o" <tytso@mit.edu>
Date: 2020-02-29 23:26:14
On Thu, Feb 06, 2020 at 06:09:38PM -0700, Andreas Dilger wrote:
e2fsck_allocate_memory() takes an "unsigned int size" argument, which will overflow for allocations above 4GB. This happens for dir_info and dx_dir_info arrays when there are more than 350M directories in a filesystem, and for the dblist array above 180M directories. There is also a risk of overflow during the binary search in both e2fsck_get_dir_info() and e2fsck_get_dx_dir_info() when the midpoint of the array is calculated, if there would be more than 2B directories in the filesystem and working above the half way point. Also, in some places inode numbers are "int" instead of "ext2_ino_t", which can also cause problems with the array size calculations, and makes it hard to identify where inode numbers are used. Fix e2fsck_allocate_memory() to take an "unsigned long" argument to match ext2fs_get_mem(), so that it can do single memory allocations over 4GB. Fix e2fsck_get_dir_info() and e2fsck_get_dx_dir_info() to temporarily use an unsigned long long value to calculate the midpoint (which will always fit into an ext2_ino_t again afterward). Change variables that hold inode numbers to be ext2_ino_t, and print them as unsigned values instead of printing negative inode numbers. Signed-off-by: Andreas Dilger <redacted> Reviewed-by: Shilong Wang <redacted> Lustre-bug-id: https://jira.whamcloud.com/browse/LU-13197
Applied, thanks. - Ted