mirror of https://github.com/vitalif/e2fsprogs
resize2fs: fix fs->blocksize dereference after fs has been freed
Commit 77255cf369 introduced a use after free bug.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
test-maint
Theodore Ts'o
parent
ebdf895b43
commit
deae5e809b
|
|
@ -181,6 +181,7 @@ int main (int argc, char ** argv)
|
|||
ext2fs_struct_stat st_buf;
|
||||
__s64 new_file_size;
|
||||
unsigned int sys_page_size = 4096;
|
||||
unsigned int blocksize;
|
||||
long sysval;
|
||||
int len, mount_flags;
|
||||
char *mtpt;
|
||||
|
|
@ -366,7 +367,8 @@ int main (int argc, char ** argv)
|
|||
* defaults and for making sure the new filesystem doesn't
|
||||
* exceed the partition size.
|
||||
*/
|
||||
retval = ext2fs_get_device_size2(device_name, fs->blocksize,
|
||||
blocksize = fs->blocksize;
|
||||
retval = ext2fs_get_device_size2(device_name, blocksize,
|
||||
&max_size);
|
||||
if (retval) {
|
||||
com_err(program_name, retval, "%s",
|
||||
|
|
@ -386,8 +388,8 @@ int main (int argc, char ** argv)
|
|||
} else {
|
||||
new_size = max_size;
|
||||
/* Round down to an even multiple of a pagesize */
|
||||
if (sys_page_size > fs->blocksize)
|
||||
new_size &= ~((sys_page_size / fs->blocksize)-1);
|
||||
if (sys_page_size > blocksize)
|
||||
new_size &= ~((sys_page_size / blocksize)-1);
|
||||
}
|
||||
if (!EXT2_HAS_INCOMPAT_FEATURE(fs->super,
|
||||
EXT4_FEATURE_INCOMPAT_64BIT)) {
|
||||
|
|
@ -423,7 +425,7 @@ int main (int argc, char ** argv)
|
|||
* automatically extend it in a sparse fashion by writing the
|
||||
* last requested block.
|
||||
*/
|
||||
new_file_size = ((__u64) new_size) * fs->blocksize;
|
||||
new_file_size = ((__u64) new_size) * blocksize;
|
||||
if ((__u64) new_file_size >
|
||||
(((__u64) 1) << (sizeof(st_buf.st_size)*8 - 1)) - 1)
|
||||
fd = -1;
|
||||
|
|
@ -437,13 +439,13 @@ int main (int argc, char ** argv)
|
|||
fprintf(stderr, _("The containing partition (or device)"
|
||||
" is only %llu (%dk) blocks.\nYou requested a new size"
|
||||
" of %llu blocks.\n\n"), max_size,
|
||||
fs->blocksize / 1024, new_size);
|
||||
blocksize / 1024, new_size);
|
||||
exit(1);
|
||||
}
|
||||
if (new_size == ext2fs_blocks_count(fs->super)) {
|
||||
fprintf(stderr, _("The filesystem is already %llu (%dk) "
|
||||
"blocks long. Nothing to do!\n\n"), new_size,
|
||||
fs->blocksize / 1024);
|
||||
blocksize / 1024);
|
||||
exit(0);
|
||||
}
|
||||
if (mount_flags & EXT2_MF_MOUNTED) {
|
||||
|
|
@ -453,7 +455,7 @@ int main (int argc, char ** argv)
|
|||
bigalloc_check(fs, force);
|
||||
printf(_("Resizing the filesystem on "
|
||||
"%s to %llu (%dk) blocks.\n"),
|
||||
device_name, new_size, fs->blocksize / 1024);
|
||||
device_name, new_size, blocksize / 1024);
|
||||
retval = resize_fs(fs, &new_size, flags,
|
||||
((flags & RESIZE_PERCENT_COMPLETE) ?
|
||||
resize_progress_func : 0));
|
||||
|
|
@ -470,7 +472,7 @@ int main (int argc, char ** argv)
|
|||
exit(1);
|
||||
}
|
||||
printf(_("The filesystem on %s is now %llu (%dk) blocks long.\n\n"),
|
||||
device_name, new_size, fs->blocksize / 1024);
|
||||
device_name, new_size, blocksize / 1024);
|
||||
|
||||
if ((st_buf.st_size > new_file_size) &&
|
||||
(fd > 0)) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue