Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / shift / mainline / 1f6fa26199bb164157fbf81f850df1991d10c959^! / . / fs / f2fs / dir.c
commit1f6fa26199bb164157fbf81f850df1991d10c959[log] [tgz]
authorJaegeuk Kim <jaegeuk@kernel.org>Thu Dec 31 10:28:52 2015 -0800
committerJaegeuk Kim <jaegeuk@kernel.org>Thu Dec 31 11:42:46 2015 -0800
tree2d0933668d4f02fc2fc70cfae2f57ffedab2de9f
parent732d56489f21c04f7bf60c675f7d152c9239a09c [diff] [blame]
f2fs: remove f2fs_bug_on in terms of max_depth

There is no report on this bug_on case, but if malicious attacker changed this
field intentionally, we can just reset it as a MAX value.

Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c
index 3da5826..29bb8dd 100644
--- a/fs/f2fs/dir.c
+++ b/fs/f2fs/dir.c

@@ -172,8 +172,6 @@
 
 	namehash = f2fs_dentry_hash(&name);
 
-	f2fs_bug_on(F2FS_I_SB(dir), level > MAX_DIR_HASH_DEPTH);
-
 	nbucket = dir_buckets(level, F2FS_I(dir)->i_dir_level);
 	nblock = bucket_blocks(level);
 
@@ -238,6 +236,14 @@
 		goto out;
 
 	max_depth = F2FS_I(dir)->i_current_depth;
+	if (unlikely(max_depth > MAX_DIR_HASH_DEPTH)) {
+		f2fs_msg(F2FS_I_SB(dir)->sb, KERN_WARNING,
+				"Corrupted max_depth of %lu: %u",
+				dir->i_ino, max_depth);
+		max_depth = MAX_DIR_HASH_DEPTH;
+		F2FS_I(dir)->i_current_depth = max_depth;
+		mark_inode_dirty(dir);
+	}
 
 	for (level = 0; level < max_depth; level++) {
 		de = find_in_level(dir, level, &fname, res_page);