# This is a BitKeeper generated patch for the following project: # Project Name: Linux kernel tree # This patch format is intended for GNU patch command version 2.5 or higher. # This patch includes the following deltas: # ChangeSet 1.1052 -> 1.1053 # fs/reiserfs/super.c 1.30 -> 1.31 # fs/reiserfs/journal.c 1.25 -> 1.26 # # The following is the BitKeeper ChangeSet Log # -------------------------------------------- # 03/03/13 green@angband.namesys.com 1.1053 # reiserfs: Stricter checks for transactions and fs itself during mount. # -------------------------------------------- # diff -Nru a/fs/reiserfs/journal.c b/fs/reiserfs/journal.c --- a/fs/reiserfs/journal.c Sat Mar 15 15:26:06 2003 +++ b/fs/reiserfs/journal.c Sat Mar 15 15:26:06 2003 @@ -1401,6 +1401,10 @@ *newest_mount_id) ; return -1 ; } + if ( le32_to_cpu(desc->j_len) > sb_journal_trans_max(SB_DISK_SUPER_BLOCK(p_s_sb)) ) { + reiserfs_warning("journal-2018: Bad transaction length %d encountered, ignoring transaction\n", le32_to_cpu(desc->j_len)); + return -1 ; + } offset = d_bh->b_blocknr - reiserfs_get_journal_block(p_s_sb) ; /* ok, we have a journal description block, lets see if the transaction was valid */ @@ -1416,11 +1420,12 @@ le32_to_cpu(commit->j_trans_id), le32_to_cpu(commit->j_len)); brelse(c_bh) ; - if (oldest_invalid_trans_id) - *oldest_invalid_trans_id = le32_to_cpu(desc->j_trans_id) ; + if (oldest_invalid_trans_id) { + *oldest_invalid_trans_id = le32_to_cpu(desc->j_trans_id) ; reiserfs_debug(p_s_sb, REISERFS_DEBUG_CODE, "journal-1004: " "transaction_is_valid setting oldest invalid trans_id " "to %d\n", le32_to_cpu(desc->j_trans_id)) ; + } return -1; } brelse(c_bh) ; @@ -1517,9 +1522,14 @@ } else { real_blocks[i] = sb_getblk(p_s_sb, le32_to_cpu(commit->j_realblock[i - JOURNAL_TRANS_HALF])) ; } + if ( real_blocks[i]->b_blocknr > SB_BLOCK_COUNT(p_s_sb) ) { + reiserfs_warning("journal-1207: REPLAY FAILURE fsck required! Block to replay is outside of filesystem\n"); + goto abort_replay; + } if (real_blocks[i]->b_blocknr >= reiserfs_get_journal_block(p_s_sb) && real_blocks[i]->b_blocknr < (reiserfs_get_journal_block(p_s_sb)+JOURNAL_BLOCK_COUNT)) { reiserfs_warning("journal-1204: REPLAY FAILURE fsck required! Trying to replay onto a log block\n") ; +abort_replay: brelse_array(log_blocks, i) ; brelse_array(real_blocks, i) ; brelse(c_bh) ; diff -Nru a/fs/reiserfs/super.c b/fs/reiserfs/super.c --- a/fs/reiserfs/super.c Sat Mar 15 15:26:06 2003 +++ b/fs/reiserfs/super.c Sat Mar 15 15:26:06 2003 @@ -5,6 +5,7 @@ #include #include #include +#include #include #include #include @@ -1111,7 +1112,6 @@ struct inode *root_inode; kdev_t dev = s->s_dev; int j; - extern int *blksize_size[]; struct reiserfs_transaction_handle th ; int old_format = 0; unsigned long blocks; @@ -1159,6 +1159,16 @@ } rs = SB_DISK_SUPER_BLOCK (s); + + /* Let's do basic sanity check to verify that underlying device is not + smaller than the filesystem. If the check fails then abort and scream, + because bad stuff will happen otherwise. */ + if ( blk_size[MAJOR(dev)][MINOR(dev)] < sb_block_count(rs)*(sb_blocksize(rs)>>10) ) { + printk("Filesystem on %s cannot be mounted because it is bigger than the device\n", kdevname(dev)); + printk("You may need to run fsck or increase size of your LVM partition\n"); + printk("Or may be you forgot to reboot after fdisk when it told you to\n"); + return NULL; + } s->u.reiserfs_sb.s_mount_state = SB_REISERFS_STATE(s); s->u.reiserfs_sb.s_mount_state = REISERFS_VALID_FS ; .