Blame SOURCES/0176-libblkid-minix-Use-same-checks-for-version-3.patch

5113bc
From b5d9bfe34e62cf1c57646efa0bd72ecad7d98258 Mon Sep 17 00:00:00 2001
7fefb0
From: Nate Clark <nate@neworld.us>
7fefb0
Date: Wed, 4 Jan 2017 15:24:32 -0500
5113bc
Subject: [PATCH 176/176] libblkid/minix: Use same checks for version 3
7fefb0
7fefb0
fsck.minix performs the same sanity checks on all versions of the
7fefb0
superblock. Update the probe to perform the same sanity checks so it is
7fefb0
less likely a different type of filesystem will be identified as minix.
7fefb0
7fefb0
Upstream: http://github.com/karelzak/util-linux/commit/f82c804869bb8613fa0924e3111b7eb55bb04fcd
7fefb0
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1594681
7fefb0
Signed-off-by: Nate Clark <nate@neworld.us>
7fefb0
Signed-off-by: Karel Zak <kzak@redhat.com>
7fefb0
---
7fefb0
 libblkid/src/superblocks/minix.c | 38 +++++++++++++++++++++++---------------
7fefb0
 1 file changed, 23 insertions(+), 15 deletions(-)
7fefb0
7fefb0
diff --git a/libblkid/src/superblocks/minix.c b/libblkid/src/superblocks/minix.c
7fefb0
index 4e70fda8f..21b3bf8bb 100644
7fefb0
--- a/libblkid/src/superblocks/minix.c
7fefb0
+++ b/libblkid/src/superblocks/minix.c
7fefb0
@@ -75,6 +75,9 @@ static int probe_minix(blkid_probe pr, const struct blkid_idmag *mag)
7fefb0
 	unsigned char *ext;
7fefb0
 	const unsigned char *data;
7fefb0
 	int version = 0, swabme = 0;
7fefb0
+	unsigned long zones, ninodes, imaps, zmaps;
7fefb0
+	off_t firstz;
7fefb0
+	size_t zone_size;
7fefb0
 
7fefb0
 	data = blkid_probe_get_buffer(pr, 1024,
7fefb0
 			max(sizeof(struct minix_super_block),
7fefb0
@@ -85,14 +88,9 @@ static int probe_minix(blkid_probe pr, const struct blkid_idmag *mag)
7fefb0
 	if (version < 1)
7fefb0
 		return 1;
7fefb0
 
7fefb0
+
7fefb0
 	if (version <= 2) {
7fefb0
 		struct minix_super_block *sb = (struct minix_super_block *) data;
7fefb0
-		unsigned long zones, ninodes, imaps, zmaps;
7fefb0
-		off_t firstz;
7fefb0
-
7fefb0
-		if (sb->s_imap_blocks == 0 || sb->s_zmap_blocks == 0)
7fefb0
-			return 1;
7fefb0
-
7fefb0
 		uint16_t state = minix_swab16(swabme, sb->s_state);
7fefb0
 		if ((state & (MINIX_VALID_FS | MINIX_ERROR_FS)) != state)
7fefb0
 			return 1;
7fefb0
@@ -103,20 +101,30 @@ static int probe_minix(blkid_probe pr, const struct blkid_idmag *mag)
7fefb0
 		imaps   = minix_swab16(swabme, sb->s_imap_blocks);
7fefb0
 		zmaps   = minix_swab16(swabme, sb->s_zmap_blocks);
7fefb0
 		firstz  = minix_swab16(swabme, sb->s_firstdatazone);
7fefb0
-
7fefb0
-		/* sanity checks to be sure that the FS is really minix */
7fefb0
-		if (imaps * MINIX_BLOCK_SIZE * 8 < ninodes + 1)
7fefb0
-			return 1;
7fefb0
-		if (zmaps * MINIX_BLOCK_SIZE * 8 < zones - firstz + 1)
7fefb0
-			return 1;
7fefb0
-
7fefb0
+		zone_size = sb->s_log_zone_size;
7fefb0
 	} else if (version == 3) {
7fefb0
 		struct minix3_super_block *sb = (struct minix3_super_block *) data;
7fefb0
 
7fefb0
-		if (sb->s_imap_blocks == 0 || sb->s_zmap_blocks == 0)
7fefb0
-			return 1;
7fefb0
+		zones = minix_swab32(swabme, sb->s_zones);
7fefb0
+		ninodes = minix_swab32(swabme, sb->s_ninodes);
7fefb0
+		imaps   = minix_swab16(swabme, sb->s_imap_blocks);
7fefb0
+		zmaps   = minix_swab16(swabme, sb->s_zmap_blocks);
7fefb0
+		firstz  = minix_swab16(swabme, sb->s_firstdatazone);
7fefb0
+		zone_size = sb->s_log_zone_size;
7fefb0
 	}
7fefb0
 
7fefb0
+	/* sanity checks to be sure that the FS is really minix.
7fefb0
+	 * see disk-utils/fsck.minix.c read_superblock
7fefb0
+	 */
7fefb0
+	if (zone_size != 0 || ninodes == 0 || ninodes == UINT32_MAX)
7fefb0
+		return 1;
7fefb0
+	if (imaps * MINIX_BLOCK_SIZE * 8 < ninodes + 1)
7fefb0
+		return 1;
7fefb0
+	if (firstz > (off_t) zones)
7fefb0
+		return 1;
7fefb0
+	if (zmaps * MINIX_BLOCK_SIZE * 8 < zones - firstz + 1)
7fefb0
+		return 1;
7fefb0
+
7fefb0
 	/* unfortunately, some parts of ext3 is sometimes possible to
7fefb0
 	 * interpreted as minix superblock. So check for extN magic
7fefb0
 	 * string. (For extN magic string and offsets see ext.c.)
7fefb0
-- 
7fefb0
2.14.4
7fefb0