[PATCH] repair: validate acl count before reading it
Christoph Hellwig
hch at infradead.org
Wed Nov 16 01:58:29 CST 2011
On Wed, Nov 16, 2011 at 11:23:23AM +1100, Dave Chinner wrote:
> > count = be32_to_cpu(dacl->acl_cnt);
> > + if (count > XFS_ACL_MAX_ENTRIES) {
> > + do_warn(_("to larget ACL, size %d"), count);
>
> "Too many ACL entries, count %d\n"
Ok.
> > + *aclp = NULL;
> > + return EINVAL;
> > + }
> > +
> > +
> > end = &dacl->acl_entry[0] + count;
> > acl = malloc((int)((char *)end - (char *)dacl));
> > - if (!acl)
> > - return NULL;
> > + if (!acl) {
> > + do_warn(_("cannot malloc enough for ACL attribute\n"));
> > + do_warn(_("SKIPPING this ACL\n"));
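Review bot: the new check `count > XFS_ACL_MAX_ENTRIES` only rejects large positive values. The warning prints count with %d, and if count is declared as a signed int, an on-disk acl_cnt with the top bit set turns negative after be32_to_cpu(), passes the check, and leaves `end` computed behind acl_entry[0], so the malloc size is wrong. Declaring count unsigned, or also rejecting count < 0, would close that. Two smaller points: the warning in that branch has no trailing \n, unlike the other do_warn calls in the hunk, and two blank lines are added after the closing brace where one is enough.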
>
> Should you put that same "Skipping" message for all the error cases?
For the ENOMEM case we indeed skip the ACL. For other errors we will
just remove this attribute. Given how ENOMEM really should not just
happen for that small ACL I wonder how special casing it makes any
sense - but that code has been there for a while.