nilfs2: clamp ns_r_segments_percentage to [1, 99]
ns_r_segments_percentage is read from the disk. Bogus or malicious value could cause integer overflow and malfunction due to meaningless disk usage calculation. This patch reports error when mounting such bogus volumes. Signed-off-by: Haogang Chen <haogangchen@gmail.com> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Haogang Chen
Linus Torvalds
parent
cf2b94daab
commit
3d777a6406
|
|
@ -409,6 +409,12 @@ static int nilfs_store_disk_layout(struct the_nilfs *nilfs,
|
||||||
nilfs->ns_first_data_block = le64_to_cpu(sbp->s_first_data_block);
|
nilfs->ns_first_data_block = le64_to_cpu(sbp->s_first_data_block);
|
||||||
nilfs->ns_r_segments_percentage =
|
nilfs->ns_r_segments_percentage =
|
||||||
le32_to_cpu(sbp->s_r_segments_percentage);
|
le32_to_cpu(sbp->s_r_segments_percentage);
|
||||||
|
if (nilfs->ns_r_segments_percentage < 1 ||
|
||||||
|
nilfs->ns_r_segments_percentage > 99) {
|
||||||
|
printk(KERN_ERR "NILFS: invalid reserved segments percentage.\n");
|
||||||
|
return -EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
nilfs_set_nsegments(nilfs, le64_to_cpu(sbp->s_nsegments));
|
nilfs_set_nsegments(nilfs, le64_to_cpu(sbp->s_nsegments));
|
||||||
nilfs->ns_crc_seed = le32_to_cpu(sbp->s_crc_seed);
|
nilfs->ns_crc_seed = le32_to_cpu(sbp->s_crc_seed);
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue