linux/fs
Eric Sandeen cf05946250 hfs: handle more on-disk corruptions without oopsing
hfs seems prone to bad things when it encounters on disk corruption.  Many
values are read from disk, and used as lengths to memcpy, as an example.
This patch fixes up several of these problematic cases.

o sanity check the on-disk maximum key lengths on mount
  (these are set to a defined value at mkfs time and shouldn't differ)
o check on-disk node keylens against the maximum key length for each tree
o fix hfs_btree_open so that going out via free_tree: doesn't wind
  up in hfs_releasepage, which wants to follow the very pointer
  we were trying to set up:
	HFS_SB(sb)->cat_tree = hfs_btree_open()
		...
		failure gets to hfs_releasepage and tries
		to follow HFS_SB(sb)->cat_tree

Tested with the fsfuzzer; it survives more than it used to.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: Roman Zippel <zippel@linux-m68k.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-01-08 16:10:36 -08:00
..
9p 9p: use copy of the options value instead of original 2007-11-06 08:02:53 -06:00
adfs Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
affs fs: mark nibblemap const 2007-10-17 08:42:47 -07:00
afs fs/afs/vlocation.c: fix off-by-one 2007-11-05 15:12:32 -08:00
autofs Use task_pid_nr() instead of pid_nr(task_pid()) 2007-10-19 11:53:43 -07:00
autofs4 pid namespaces: round up the API 2007-10-19 11:53:37 -07:00
befs Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
bfs regression: bfs endianness bug 2007-12-05 09:25:20 -08:00
cifs regression: cifs endianness bug 2007-12-05 09:25:19 -08:00
coda pid namespaces: round up the API 2007-10-19 11:53:37 -07:00
configfs r/o bind mounts: filesystem helpers for custom 'struct file's 2007-10-17 08:43:04 -07:00
cramfs fs/cramfs/inode.c: replace hardcoded value with preprocessor constant 2007-10-18 14:37:29 -07:00
debugfs [PATCH] pass dentry to audit_inode()/audit_inode_child() 2007-10-21 02:37:18 -04:00
devpts devpts: add fsnotify create event 2007-05-08 11:14:59 -07:00
dlm [DLM] lowcomms: Do not muck with sysctl_rmem_max. 2007-11-07 04:11:42 -08:00
ecryptfs eCryptfs: fix dentry handling on create error, unlink, and inode destroy 2008-01-08 16:10:36 -08:00
efs exportfs: make struct export_operations const 2007-10-22 08:13:21 -07:00
exportfs exportfs: update documentation 2007-10-22 08:13:21 -07:00
ext2 fix up ext2_fs.h for userspace after reservations backport 2007-11-29 09:24:53 -08:00
ext3 ext3, ext4: avoid divide by zero 2007-12-17 19:28:16 -08:00
ext4 ext3, ext4: avoid divide by zero 2007-12-17 19:28:16 -08:00
fat fat: optimize fat_count_free_clusters() 2008-01-08 16:10:35 -08:00
freevxfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
fuse fuse: fix attribute caching after rename 2007-11-29 09:24:54 -08:00
gfs2 exportfs: make struct export_operations const 2007-10-22 08:13:21 -07:00
hfs hfs: handle more on-disk corruptions without oopsing 2008-01-08 16:10:36 -08:00
hfsplus Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
hostfs uml: fix hostfs style 2007-10-16 09:43:07 -07:00
hpfs Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
hppfs
hugetlbfs hugetlb: allow bulk updating in hugetlb_*_quota() 2007-11-14 18:45:40 -08:00
isofs exportfs: make struct export_operations const 2007-10-22 08:13:21 -07:00
jbd jbd: Fix assertion failure in fs/jbd/checkpoint.c 2007-12-05 09:21:20 -08:00
jbd2 JBD2: debug code cleanup. 2007-10-17 18:49:59 -04:00
jffs2 Freezer: Fix JFFS2 garbage collector freezing issue (rev. 2) 2007-12-04 01:35:41 -05:00
jfs Forbid user to change file flags on quota files 2007-11-14 18:45:38 -08:00
lockd NFS/SUNRPC: use transport protocol naming 2007-10-09 17:17:53 -04:00
minix limit minixfs printks on corrupted dir i_size 2007-10-17 08:42:53 -07:00
msdos
ncpfs Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
nfs NFSv4: Fix open_to_lock_owner sequenceid allocation... 2008-01-03 09:37:17 -05:00
nfs_common
nfsd nfsd4: recheck for secure ports in fh_verify 2007-11-12 14:28:08 -08:00
nls sparse pointer use of zero as null 2007-10-18 14:37:31 -07:00
ntfs NTFS: Fix read regression. 2007-11-03 12:27:21 -07:00
ocfs2 ocfs2: Re-journal buffers after transaction extend 2007-12-17 10:51:23 -08:00
openpromfs Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
partitions fs/partitions/sun.c endianness annotations 2007-10-14 12:41:51 -07:00
proc restrict reading from /proc/<pid>/maps to those who share ->mm or can ptrace pid 2008-01-02 13:13:27 -08:00
qnx4 Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
ramfs Remove valueless definition of hard-selected RAMFS option 2007-10-17 08:42:56 -07:00
reiserfs proc: fix proc_dir_entry refcounting 2007-12-05 09:21:20 -08:00
romfs fs/romfs/inode.c: trivial improvements 2007-10-17 08:42:47 -07:00
smbfs smbfs: fix debug builds 2007-11-14 18:45:43 -08:00
sysfs sysfs: fix off-by-one error in fill_read_buffer() 2007-11-28 13:53:53 -08:00
sysv Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
udf fs/udf/balloc.c: mark a variable as uninitialized_var() 2007-10-17 08:43:00 -07:00
ufs ufs: fix nexstep dir block size 2007-12-05 09:21:18 -08:00
vfat
xfs [XFS] Initialise current offset in xfs_file_readdir correctly 2007-12-21 11:40:05 +11:00
aio.c aio: only account I/O wait time in read_events if there are active requests 2007-12-05 09:21:18 -08:00
anon_inodes.c anon-inodes use open coded atomic_inc for the shared inode 2007-10-17 08:43:00 -07:00
attr.c VFS: make notify_change pass ATTR_KILL_S*ID to setattr operations 2007-10-18 14:37:22 -07:00
bad_inode.c sendfile: remove bad_sendfile() from bad_file_ops 2007-07-10 08:04:15 +02:00
binfmt_aout.c mm: fix exit_mmap BUG() on a.out binary exit 2007-12-20 07:49:53 -08:00
binfmt_elf_fdpic.c pid namespaces: changes to show virtual ids to user 2007-10-19 11:53:40 -07:00
binfmt_elf.c core dump: real_parent ppid 2008-01-07 14:55:37 -08:00
binfmt_em86.c Convert files to UTF-8 and some cleanups 2007-10-19 23:21:04 +02:00
binfmt_flat.c binfmt_flat: warning fixes 2007-10-17 08:42:54 -07:00
binfmt_misc.c Convert files to UTF-8 and some cleanups 2007-10-19 23:21:04 +02:00
binfmt_script.c Convert files to UTF-8 and some cleanups 2007-10-19 23:21:04 +02:00
binfmt_som.c core_pattern: ignore RLIMIT_CORE if core_pattern is a pipe 2007-10-17 08:42:50 -07:00
bio.c bio: make freeing of ->bi_io_vec conditional in bio_free() 2007-10-16 11:03:52 +02:00
block_dev.c Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
buffer.c nobh: nobh_write_end fix 2007-10-21 08:54:05 -07:00
char_dev.c mm: bdi init hooks 2007-10-17 08:42:45 -07:00
compat_ioctl.c fix: using joysticks in 32 bit applications on 64 bit systems 2008-01-06 10:26:06 -08:00
compat.c mm: variable length argument support 2007-07-19 10:04:45 -07:00
dcache.c dcache: don't expose uninitialized memory in /proc/<pid>/fd/<fd> 2007-10-22 08:13:18 -07:00
dcookies.c Remove fs.h from mm.h 2007-07-29 17:09:29 -07:00
direct-io.c remove ZERO_PAGE 2007-10-16 09:42:53 -07:00
dnotify.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
dquot.c Don't send quota messages repeatedly when hardlimit reached 2007-12-23 12:54:36 -08:00
drop_caches.c invalidate_mapping_pages(): add cond_resched 2007-07-16 09:05:36 -07:00
eventfd.c eventfd use waitqueue lock ... 2007-05-18 13:09:34 -07:00
eventpoll.c fs/eventpoll.c: use list_for_each_entry() instead of list_for_each() 2007-10-19 11:53:38 -07:00
exec.c vfs: coredumping fix 2007-11-28 10:58:01 -08:00
fcntl.c pid namespaces: changes to show virtual ids to user 2007-10-19 11:53:40 -07:00
fifo.c Detach sched.h from mm.h 2007-05-21 09:18:19 -07:00
file_table.c fs/file_table.c: use list_for_each_entry() instead of list_for_each() 2007-10-19 11:53:38 -07:00
file.c
filesystems.c add filesystem subtype support 2007-05-08 11:15:01 -07:00
fs-writeback.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
generic_acl.c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check 2007-07-17 12:00:03 -07:00
inode.c introduce I_SYNC 2007-10-17 08:43:02 -07:00
inotify_user.c change inotifyfs magic as the same magic is used for futexfs 2007-10-17 08:43:00 -07:00
inotify.c [PATCH] new helper - inotify_evict_watch() 2007-10-21 02:37:38 -04:00
internal.h cleanup compat ioctl handling 2007-05-08 11:15:09 -07:00
ioctl.c drop obsolete sys_ioctl export 2007-07-16 09:05:48 -07:00
ioprio.c ioprio: allow sys_ioprio_set() value of 0 to reset ioprio setting 2007-11-07 13:54:07 +01:00
Kconfig fs/Kconfig: grammar fix 2007-12-17 19:28:16 -08:00
Kconfig.binfmt fs: Kill sh dependency for binfmt_flat. 2007-05-21 14:34:00 +09:00
libfs.c exportfs: add new methods 2007-10-22 08:13:19 -07:00
locks.c locks: fix possible infinite loop in posix deadlock detection 2007-10-30 09:04:18 -07:00
Makefile Remove valueless definition of hard-selected RAMFS option 2007-10-17 08:42:56 -07:00
mbcache.c fs: Fix to correct the mbcache entries counter 2007-10-25 15:18:29 -07:00
mpage.c mm: buffered write cleanup 2007-10-16 09:42:54 -07:00
namei.c [PATCH] pass dentry to audit_inode()/audit_inode_child() 2007-10-21 02:37:18 -04:00
namespace.c [PATCH] new helpers - collect_mounts() and release_collected_mounts() 2007-10-21 02:37:25 -04:00
nfsctl.c nfsctl: use vfs_path_lookup 2007-07-19 10:04:45 -07:00
no-block.c
open.c mark sys_open/sys_read exports unused 2007-11-14 18:45:42 -08:00
pipe.c sched: affine sync wakeups 2007-10-15 17:00:19 +02:00
pnode.c Introduce a handy list_first_entry macro 2007-05-08 11:15:11 -07:00
pnode.h [PATCH] new helpers - collect_mounts() and release_collected_mounts() 2007-10-21 02:37:25 -04:00
posix_acl.c
quota_v1.c
quota_v2.c
quota.c [IA64] Fix build failure in fs/quota.c 2007-07-27 15:40:13 -07:00
read_write.c mark sys_open/sys_read exports unused 2007-11-14 18:45:42 -08:00
read_write.h
readdir.c ROUND_UP macro cleanup in fs/(select|compat|readdir).c 2007-05-08 11:15:09 -07:00
select.c fs/select, remove unused macros 2007-10-19 11:53:41 -07:00
seq_file.c [FS] seq_file: Introduce the seq_open_private() 2007-10-10 16:55:33 -07:00
signalfd.c rename signalfd_siginfo fields 2007-10-17 08:43:01 -07:00
splice.c Implement file posix capabilities 2007-10-17 08:43:07 -07:00
stack.c
stat.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
super.c Convert files to UTF-8 and some cleanups 2007-10-19 23:21:04 +02:00
sync.c Introduce fixed sys_sync_file_range2() syscall, implement on PowerPC and ARM 2007-06-28 11:38:30 -07:00
timerfd.c make timerfd return a u64 and fix the __put_user 2007-07-26 11:35:17 -07:00
utimes.c VFS: check nanoseconds in utimensat 2007-10-17 08:42:52 -07:00
xattr_acl.c
xattr.c [PATCH] pass dentry to audit_inode()/audit_inode_child() 2007-10-21 02:37:18 -04:00