[JFFS2] Check for all-zero node headers
Due to a poor choice of CRC32 seed, a node header which is all zeroes would pass the CRC32 check. Explicitly check for this case, and treat it as we do a CRC failure. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
Родитель
470bc84436
Коммит
c7258a4477
|
@ -373,7 +373,14 @@ free_out:
|
||||||
static inline int read_unknown(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref, struct jffs2_unknown_node *un)
|
static inline int read_unknown(struct jffs2_sb_info *c, struct jffs2_raw_node_ref *ref, struct jffs2_unknown_node *un)
|
||||||
{
|
{
|
||||||
/* We don't mark unknown nodes as REF_UNCHECKED */
|
/* We don't mark unknown nodes as REF_UNCHECKED */
|
||||||
BUG_ON(ref_flags(ref) == REF_UNCHECKED);
|
if (ref_flags(ref) == REF_UNCHECKED) {
|
||||||
|
JFFS2_ERROR("REF_UNCHECKED but unknown node at %#08x\n",
|
||||||
|
ref_offset(ref));
|
||||||
|
JFFS2_ERROR("Node is {%04x,%04x,%08x,%08x}. Please report this error.\n",
|
||||||
|
je16_to_cpu(un->magic), je16_to_cpu(un->nodetype),
|
||||||
|
je32_to_cpu(un->totlen), je32_to_cpu(un->hdr_crc));
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
un->nodetype = cpu_to_je16(JFFS2_NODE_ACCURATE | je16_to_cpu(un->nodetype));
|
un->nodetype = cpu_to_je16(JFFS2_NODE_ACCURATE | je16_to_cpu(un->nodetype));
|
||||||
|
|
||||||
|
@ -576,6 +583,13 @@ static int jffs2_get_inode_nodes(struct jffs2_sb_info *c, struct jffs2_inode_inf
|
||||||
jffs2_mark_node_obsolete(c, ref);
|
jffs2_mark_node_obsolete(c, ref);
|
||||||
goto cont;
|
goto cont;
|
||||||
}
|
}
|
||||||
|
/* Due to poor choice of crc32 seed, an all-zero node will have a correct CRC */
|
||||||
|
if (!je32_to_cpu(node->u.hdr_crc) && !je16_to_cpu(node->u.nodetype) &&
|
||||||
|
!je16_to_cpu(node->u.magic) && !je32_to_cpu(node->u.totlen)) {
|
||||||
|
JFFS2_NOTICE("All zero node header at %#08x.\n", ref_offset(ref));
|
||||||
|
jffs2_mark_node_obsolete(c, ref);
|
||||||
|
goto cont;
|
||||||
|
}
|
||||||
|
|
||||||
switch (je16_to_cpu(node->u.nodetype)) {
|
switch (je16_to_cpu(node->u.nodetype)) {
|
||||||
|
|
||||||
|
|
|
@ -734,6 +734,15 @@ scan_more:
|
||||||
ofs += 4;
|
ofs += 4;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
/* Due to poor choice of crc32 seed, an all-zero node will have a correct CRC */
|
||||||
|
if (!je32_to_cpu(node->hdr_crc) && !je16_to_cpu(node->nodetype) &&
|
||||||
|
!je16_to_cpu(node->magic) && !je32_to_cpu(node->totlen)) {
|
||||||
|
noisy_printk(&noise, "jffs2_scan_eraseblock(): All zero node header at 0x%08x.\n", ofs);
|
||||||
|
if ((err = jffs2_scan_dirty_space(c, jeb, 4)))
|
||||||
|
return err;
|
||||||
|
ofs += 4;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
if (ofs + je32_to_cpu(node->totlen) >
|
if (ofs + je32_to_cpu(node->totlen) >
|
||||||
jeb->offset + c->sector_size) {
|
jeb->offset + c->sector_size) {
|
||||||
|
|
Загрузка…
Ссылка в новой задаче