PERFORCE change 20843 for review

Fri Nov 8 16:05:56 GMT 2002

http://perforce.freebsd.org/chv.cgi?CH=20843

Change 20843 by green at green_laptop_2 on 2002/11/08 08:05:02

	Allow UFS2 extended attribute support to remain resilient in
	the face of corrupted extents on the filesystem.  There is not
	currently a way to repair them in fsck(8), but at least we
	won't end up going into an infinite loop trying to process them.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/ufs/ffs/ffs_vnops.c#16 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/ufs/ffs/ffs_vnops.c#16 (text+ko) ====

@@ -1324,7 +1324,8 @@
  * the length of the EA, and possibly the pointer to the entry and to the data.
  */
 static int
-ffs_findextattr(u_char *ptr, uint length, int nspace, const char *name, u_char **eap, u_char **eac)
+ffs_findextattr(u_char *ptr, uint length, int nspace, const char *name,
+    int *ealenp, u_char **eap, u_char **eac)
 {
 	u_char *p, *pe, *pn, *p0;
 	int eapad1, eapad2, ealength, ealen, nlen;
@@ -1340,6 +1341,9 @@
 		/* make sure this entry is complete */
 		if (pn > pe)
 			break;
+		/* don't loop forever on a corrupt entry */
+		if (pn <= p)
+			return (EFTYPE);
 		p += sizeof(uint32_t);
 		if (*p != nspace)
 			continue;
@@ -1361,9 +1365,10 @@
 			*eap = p0;
 		if (eac != NULL)
 			*eac = p;
-		return (ealen);
+		*ealenp = ealen;
+		return (0);
 	}
-	return(-1);
+	return (ENOATTR);
 }
 
 static int
@@ -1597,16 +1602,13 @@
 	eae = ip->i_ea_area;
 	easize = ip->i_ea_len;
 	if (strlen(ap->a_name) > 0) {
-		ealen = ffs_findextattr(eae, easize,
-		    ap->a_attrnamespace, ap->a_name, NULL, &p);
-		if (ealen >= 0) {
-			error = 0;
+		error = ffs_findextattr(eae, easize,
+		    ap->a_attrnamespace, ap->a_name, &ealen, NULL, &p);
+		if (error == 0) {
 			if (ap->a_size != NULL)
 				*ap->a_size = ealen;
 			else if (ap->a_uio != NULL)
 				error = uiomove(p, ealen, ap->a_uio);
-		} else {
-			error = ENOATTR;
 		}
 	} else {
 		error = 0;
@@ -1711,16 +1713,16 @@
 	bcopy(ip->i_ea_area, eae, ip->i_ea_len);
 	easize = ip->i_ea_len;
 
-	olen = ffs_findextattr(eae, easize,
-	    ap->a_attrnamespace, ap->a_name, &p, NULL);
-	if (olen == -1 && ealength == 0) {
-		/* delete but nonexistent */
+	error = ffs_findextattr(eae, easize,
+	    ap->a_attrnamespace, ap->a_name, &olen, &p, NULL);
+	if ((error == ENOATTR && ealength == 0) || /* delete but nonexistent */
+	    (error != 0 && error != ENOATTR)) {    /* corrupted? */
 		free(eae, M_TEMP);
 		if (stand_alone)
 			ffs_close_ea(ap->a_vp, 0, ap->a_cred, ap->a_td);
-		return(ENOATTR);
+		return (error);
 	}
-        if (olen == -1) {
+        if (error == ENOATTR) {
 		/* new, append at end */
 		p = eae + easize;
 		easize += ealength;
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

