diff options
author | Qu Wenruo <quwenruo@cn.fujitsu.com> | 2017-04-25 16:40:16 +0800 |
---|---|---|
committer | David Sterba <dsterba@suse.com> | 2017-05-02 16:33:04 +0200 |
commit | d00a875ed2cba63637d768fdfab42bec20d989b4 (patch) | |
tree | 42ad806e148d61385c9d4a87dab5dd53afc909cb | |
parent | 528ba342acfcce93457708ee5bdec98dee52645a (diff) |
btrfs-progs: Use more strict check to read out tree root
Fuzzed image bko-156811-bad-parent-ref-qgroup-verify.raw causes qgroup
to report -ENOMEM.
But the fact is, such image is heavily damaged so there is no valid root
item for the extent tree.
Normal extent tree key in root tree should be (EXTENT_TREE ROOT_ITEM 0),
while in that fuzzed image, we got (EXTENT_TREE EXXTENT_DATA SOME_NUMBER).
It's btrfs_find_last_root() that only checks the objectid, not caring
about the key type leading to such problem.
Fix it by doing extra check on key type.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
[ edit changelog ]
Signed-off-by: David Sterba <dsterba@suse.com>
-rw-r--r-- | root-tree.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/root-tree.c b/root-tree.c index ab01a140..6b8f8c1c 100644 --- a/root-tree.c +++ b/root-tree.c @@ -51,7 +51,8 @@ int btrfs_find_last_root(struct btrfs_root *root, u64 objectid, l = path->nodes[0]; slot = path->slots[0] - 1; btrfs_item_key_to_cpu(l, &found_key, slot); - if (found_key.objectid != objectid) { + if (found_key.type != BTRFS_ROOT_ITEM_KEY || + found_key.objectid != objectid) { ret = -ENOENT; goto out; } |