[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

growfs fix



part of fbsd rev 1.23.  it's not immediately clear if we are affected, but 
can't hurt.

Index: growfs.c
===================================================================
RCS file: /cvs/src/sbin/growfs/growfs.c,v
retrieving revision 1.11
diff -u -r1.11 growfs.c
--- growfs.c	2004/03/15 08:52:01	1.11
+++ growfs.c	2004/10/11 06:10:01
@@ -106,6 +106,7 @@
 };
 
 static struct csum	*fscs;		/* cylinder summary */
+static ino_t		 maxino;	/* last valid inode */
 
 static struct ufs1_dinode	zino[MAXBSIZE / sizeof(struct ufs1_dinode)]; /* some inodes */
 
@@ -1432,7 +1433,7 @@
 		 */
 		for (cylno = 0; cylno < osblock.fs_ncg; cylno++) {
 			DBG_PRINT1("scg doing cg (%d)\n", cylno);
-			for (inc = osblock.fs_ipg - 1; inc >= 0; inc--) {
+			for (inc = osblock.fs_ipg - 1; inc > 0; inc--) {
 				updrefs(cylno, (ino_t)inc, bp, fsi, fso, Nflag);
 			}
 		}
@@ -1487,6 +1488,9 @@
 
 	DBG_ENTER;
 
+	if (bno < 0)
+		err(32, "rdfs: attempting to read negative block number");
+
 	if (lseek(fsi, (off_t)bno * DEV_BSIZE, 0) < 0) {
 		err(33, "rdfs: seek error: %ld", (long)bno);
 	}
@@ -1776,6 +1780,12 @@
 
 	pi = (struct ufs1_dinode *)ablk;
 	inumber += (cg * sblock.fs_ipg);
+	if (inumber < ROOTINO) {
+		DBG_LEAVE;
+		return NULL;
+	}
+	if (inumber > maxino)
+		errx(8, "bad inode number %d to ginode", inumber);
 	if (startinum == 0 || inumber < startinum ||
 	    inumber >= startinum + INOPB(&sblock)) {
 		/*
@@ -1946,6 +1956,7 @@
 	if (osblock.fs_magic != FS_MAGIC)
 		errx(1, "superblock not recognized");
 	memcpy(&fsun1, &fsun2, sizeof(fsun2));
+	maxino = sblock.fs_ncg * sblock.fs_ipg;
 
 	DBG_OPEN("/tmp/growfs.debug"); /* already here we need a superblock */
 	DBG_DUMP_FS(&sblock, "old sblock");

-- 
let's stop saying "don't quote me"
because if no one quotes you
you probably haven't said a thing worth saying