libxfs: add more bounds checking to sb sanity checks

Current sb verifier doesn't check bounds on sb_fdblocks and sb_ifree.
Add sanity checks for these parameters.

Signed-off-by: Bill O'Donnell <billodo@redhat.com>
[darrick: port to refactored sb validation predicates]
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>

diff --git a/fs/xfs/libxfs/xfs_sb.c b/fs/xfs/libxfs/xfs_sb.c
index f3835e9..3d29f4a 100644 (file)
--- a/fs/xfs/libxfs/xfs_sb.c
+++ b/fs/xfs/libxfs/xfs_sb.c
@@ -150,6 +150,18 @@ xfs_validate_sb_write(
        struct xfs_mount        *mp,
        struct xfs_sb           *sbp)
 {
+       /*
+        * Carry out additional sb summary counter sanity checks when we write
+        * the superblock.  We skip this in the read validator because there
+        * could be newer superblocks in the log and if the values are garbage
+        * we'll recalculate them at the end of log mount.
+        */
+       if (sbp->sb_fdblocks > sbp->sb_dblocks ||
+           sbp->sb_ifree > sbp->sb_icount) {
+               xfs_warn(mp, "SB summary counter sanity check failed");
+               return -EFSCORRUPTED;
+       }
+
        if (XFS_SB_VERSION_NUM(sbp) != XFS_SB_VERSION_5)
                return 0;