• Eric Biggers's avatar
    ext4: forbid i_extra_isize not divisible by 4 · 2dc8d9e1
    Eric Biggers authored
    i_extra_isize not divisible by 4 is problematic for several reasons:
    
    - It causes the in-inode xattr space to be misaligned, but the xattr
      header and entries are not declared __packed to express this
      possibility.  This may cause poor performance or incorrect code
      generation on some platforms.
    - When validating the xattr entries we can read past the end of the
      inode if the size available for xattrs is not a multiple of 4.
    - It allows the nonsensical i_extra_isize=1, which doesn't even leave
      enough room for i_extra_isize itself.
    
    Therefore, update ext4_iget() to consider i_extra_isize not divisible by
    4 to be an error, like the case where i_extra_isize is too large.
    
    This also matches the rule recently added to e2fsck for determining
    whether an inode has valid i_extra_isize.
    
    This patch shouldn't have any noticeable effect on
    non-corrupted/non-malicious filesystems, since the size of ext4_inode
    has always been a multiple of 4.
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    Reviewed-by: default avatarAndreas Dilger <adilger@dilger.ca>
    2dc8d9e1
inode.c 171 KB