git.baikalelectronics.ru Git - kernel.git/commit

author	Brian Foster <bfoster@redhat.com>
	Mon, 9 Nov 2015 23:10:33 +0000 (10:10 +1100)
committer	Dave Chinner <david@fromorbit.com>
	Mon, 9 Nov 2015 23:10:33 +0000 (10:10 +1100)
commit	8aec31b4961e0c5c920f700932bef17cb3ba1870
tree	b333bc5711885b779cfbad33f1858e5095b10135	tree \| snapshot
parent	641a71ba695aa005ebb3ac0fd5c2e1cfd936e9bd	commit \| diff

xfs: fix log recovery op header validation assert

Commit c2d90ba3 ("xfs: validate transaction header length on log
recovery") added additional validation of the on-disk op header length
to protect from buffer overflow during log recovery. It accounts for the
fact that the transaction header can be split across multiple op
headers. It added an assert for when this occurs that verifies the
length of the second part of a split transaction header is less than a
full transaction header. In other words, it expects that the first op
header of a split transaction header includes at least some portion of
the transaction header.

This expectation is not always valid as a zero-length op header can
exist for the first op header of a split transaction header (see
xlog_recover_add_to_trans() for details). This means that the second op
header can have a valid, full length transaction header and thus the
full header is copied in xlog_recover_add_to_cont_trans(). Fix the
assert in xlog_recover_add_to_cont_trans() to handle this case correctly
and require that the op header length is less than or equal to a full
transaction header.

Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>