ext4: add check for inodes_count overflow in new resize ioctl
Theodore Ts'o [Mon, 22 Apr 2013 02:56:32 +0000 (22:56 -0400)]
commit 3f8a6411fbada1fa482276591e037f3b1adcf55b upstream.

Addresses-Red-Hat-Bugzilla: #913245

Reported-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com>
Signed-off-by: Lingzhu Xiang <lxiang@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/ext4/resize.c

index 9202b22..86a8c88 100644 (file)
@@ -1630,6 +1630,10 @@ int ext4_resize_fs(struct super_block *sb, ext4_fsblk_t n_blocks_count)
                return 0;
 
        ext4_get_group_no_and_offset(sb, n_blocks_count - 1, &n_group, &offset);
+       if (n_group > (0xFFFFFFFFUL / EXT4_INODES_PER_GROUP(sb))) {
+               ext4_warning(sb, "resize would cause inodes_count overflow");
+               return -EINVAL;
+       }
        ext4_get_group_no_and_offset(sb, o_blocks_count - 1, &o_group, &offset);
 
        n_desc_blocks = (n_group + EXT4_DESC_PER_BLOCK(sb)) /