diff options
| author | Xin LI <delphij@FreeBSD.org> | 2008-02-26 03:08:22 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2008-02-26 03:08:22 +0000 |
| commit | 1aaf5f440f1f108374121fd46b29a024fdb1f7f6 (patch) | |
| tree | 800a059e46018ee1ca4f0712bc3ec8755b7a57ed /sbin | |
| parent | 33663c724656d32b9381705a6c8d773e92dc4697 (diff) | |
| download | src-1aaf5f440f1f108374121fd46b29a024fdb1f7f6.tar.gz src-1aaf5f440f1f108374121fd46b29a024fdb1f7f6.zip | |
In pass1(), cap inosused to fs_ipg rather than allowing arbitrary
number read from cylinder group. Chances that we read a smarshed
cylinder group, and we can not 100% trust information it has
supplied. fsck_ffs(8) will crash otherwise for some cases.
Notes
Notes:
svn path=/head/; revision=176575
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/fsck_ffs/pass1.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sbin/fsck_ffs/pass1.c b/sbin/fsck_ffs/pass1.c index f72887755ec2..9bfc95df00c6 100644 --- a/sbin/fsck_ffs/pass1.c +++ b/sbin/fsck_ffs/pass1.c @@ -93,9 +93,11 @@ pass1(void) inumber = c * sblock.fs_ipg; setinodebuf(inumber); getblk(&cgblk, cgtod(&sblock, c), sblock.fs_cgsize); - if (sblock.fs_magic == FS_UFS2_MAGIC) + if (sblock.fs_magic == FS_UFS2_MAGIC) { inosused = cgrp.cg_initediblk; - else + if (inosused > sblock.fs_ipg) + inosused = sblock.fs_ipg; + } else inosused = sblock.fs_ipg; if (got_siginfo) { printf("%s: phase 1: cyl group %d of %d (%d%%)\n", |