Jan Kara
2014-10-21 14:31:32 UTC
xfs_bulkstat() doesn't check error return from xfs_btree_increment(). In
case of specific fs corruption that could result in xfs_bulkstat()
entering an infinite loop because we would be looping over the same
chunk over and over again. Fix the problem by checking the return value
and terminating the loop properly.
Coverity-id: 1231338
Signed-off-by: Jan Kara <***@suse.cz>
---
fs/xfs/xfs_itable.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
index f1deb961a296..66d5c619517d 100644
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -474,6 +474,10 @@ xfs_bulkstat(
*/
agino = r.ir_startino + XFS_INODES_PER_CHUNK;
error = xfs_btree_increment(cur, 0, &tmp);
+ if (error) {
+ end_of_ag = 1;
+ break;
+ }
cond_resched();
}
/*
case of specific fs corruption that could result in xfs_bulkstat()
entering an infinite loop because we would be looping over the same
chunk over and over again. Fix the problem by checking the return value
and terminating the loop properly.
Coverity-id: 1231338
Signed-off-by: Jan Kara <***@suse.cz>
---
fs/xfs/xfs_itable.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
index f1deb961a296..66d5c619517d 100644
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -474,6 +474,10 @@ xfs_bulkstat(
*/
agino = r.ir_startino + XFS_INODES_PER_CHUNK;
error = xfs_btree_increment(cur, 0, &tmp);
+ if (error) {
+ end_of_ag = 1;
+ break;
+ }
cond_resched();
}
/*
--
1.8.1.4
1.8.1.4