mtd/fs/jffs2 nodelist.c,1.75,1.76

gleixner at infradead.org gleixner at infradead.org
Thu Feb 20 05:58:57 EST 2003 

Update of /home/cvs/mtd/fs/jffs2
In directory phoenix.infradead.org:/tmp/cvs-serv30376

Modified Files:
	nodelist.c 
Log Message:
sanity checks added

Index: nodelist.c
===================================================================
RCS file: /home/cvs/mtd/fs/jffs2/nodelist.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -r1.75 -r1.76
--- nodelist.c	21 Jan 2003 18:11:28 -0000	1.75
+++ nodelist.c	20 Feb 2003 10:58:54 -0000	1.76
@@ -159,6 +159,14 @@
 				err = -EIO;
 				goto free_out;
 			}
+			/* sanity check */
+			if ((node.d.nsize + sizeof (node.d)) != je32_to_cpu (node.d.totlen)) {
+				printk(KERN_NOTICE "jffs2_get_inode_nodes(): Illegal nsize in node at 0x%08x: nsize 0x%02x\n",
+				       ref_offset(ref), node.d.nsize);
+				jffs2_mark_node_obsolete(c, ref);
+				spin_lock(&c->erase_completion_lock);
+				continue;
+			}
 			if (je32_to_cpu(node.d.version) > *highest_version)
 				*highest_version = je32_to_cpu(node.d.version);
 			if (ref_obsolete(ref)) {
@@ -167,6 +175,7 @@
 				       ref_offset(ref));
 				BUG();
 			}
+			
 			fd = jffs2_alloc_full_dirent(node.d.nsize+1);
 			if (!fd) {
 				err = -ENOMEM;
@@ -244,6 +253,18 @@
 				if (crc != je32_to_cpu(node.i.node_crc)) {
 					printk(KERN_NOTICE "jffs2_get_inode_nodes(): CRC failed on node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
 					       ref_offset(ref), je32_to_cpu(node.i.node_crc), crc);
+					jffs2_mark_node_obsolete(c, ref);
+					spin_lock(&c->erase_completion_lock);
+					continue;
+				}
+				
+				/* sanity checks */
+				if ( je32_to_cpu (node.i.offset) > c->flash_size || je32_to_cpu (node.i.csize) > c->sector_size
+					|| (je32_to_cpu (node.i.csize) + sizeof (struct jffs2_raw_inode)) != je32_to_cpu (node.i.totlen)) {
+					printk (KERN_NOTICE "jffs2_get_inode_nodes(): Inode corrupted at 0x%08x, totlen %d, #ino  %d, version %d, isize %d, csize %d, dsize %d \n",
+						ref_offset(ref),  je32_to_cpu(node.i.totlen),  je32_to_cpu(node.i.ino),
+						je32_to_cpu(node.i.version),  je32_to_cpu(node.i.isize), 
+						je32_to_cpu(node.i.csize), je32_to_cpu(node.i.dsize));
 					jffs2_mark_node_obsolete(c, ref);
 					spin_lock(&c->erase_completion_lock);
 					continue;

More information about the linux-mtd-cvs mailing list