git.openpandora.org / pandora-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
udf: Verify i_size when loading inode
[pandora-kernel.git] / fs / udf / inode.c
diff --git a/fs/udf/inode.c b/fs/udf/inode.c
index a0f6ded..2a706bb 100644 (file)
--- a/fs/udf/inode.c
+++ b/fs/udf/inode.c
@@ -1403,6 +1403,24 @@ static void udf_fill_inode(struct inode *inode, struct buffer_head *bh)
                                                        iinfo->i_lenEAttr;
        }
 
+       /* Sanity checks for files in ICB so that we don't get confused later */
+       if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) {
+               /*
+                * For file in ICB data is stored in allocation descriptor
+                * so sizes should match
+                */
+               if (iinfo->i_lenAlloc != inode->i_size) {
+                       make_bad_inode(inode);
+                       return;
+               }
+               /* File in ICB has to fit in there... */
+               if (inode->i_size > inode->i_sb->s_blocksize -
+                                       udf_file_entry_alloc_offset(inode)) {
+                       make_bad_inode(inode);
+                       return;
+               }
+       }
+
        switch (fe->icbTag.fileType) {
        case ICBTAG_FILE_TYPE_DIRECTORY:
                inode->i_op = &udf_dir_inode_operations;
Pandora Kernel Repository