The branch main has been updated by mckusick: URL: https://cgit.FreeBSD.org/src/commit/?id=b796bfce48698449470b751de6b0d96ae7047202
commit b796bfce48698449470b751de6b0d96ae7047202 Author: Kirk McKusick <[email protected]> AuthorDate: 2023-05-28 22:23:16 +0000 Commit: Kirk McKusick <[email protected]> CommitDate: 2023-05-28 22:23:37 +0000 Fix a bug in fsck_ffs(8) triggered by corrupted filesystems. Check for valid block numbers while loading journal entries that contain block numbers. If an invalid block number is found, fall back to full fsck. Reported-by: Robert Morris PR: 271383 MFC-after: 1 week Sponsored-by: The FreeBSD Foundation --- sbin/fsck_ffs/suj.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sbin/fsck_ffs/suj.c b/sbin/fsck_ffs/suj.c index d51e0ff4d83b..c86d6b711635 100644 --- a/sbin/fsck_ffs/suj.c +++ b/sbin/fsck_ffs/suj.c @@ -736,7 +736,7 @@ indir_visit(ino_t ino, ufs_lbn_t lbn, ufs2_daddr_t blk, uint64_t *frags, lbnadd *= NINDIR(fs); bp = getdatablk(blk, fs->fs_bsize, BT_LEVEL1 + level); if (bp->b_errs != 0) - err_suj("indir_visit: UNRECOVERABLE I/O ERROR"); + err_suj("indir_visit: UNRECOVERABLE I/O ERROR\n"); for (i = 0; i < NINDIR(fs); i++) { if ((nblk = IBLK(bp, i)) == 0) continue; @@ -1918,6 +1918,9 @@ blk_build(struct jblkrec *blkrec) blk = blknum(fs, blkrec->jb_blkno); frag = fragnum(fs, blkrec->jb_blkno); + if (blkrec->jb_blkno < 0 || blk + fs->fs_frag - frag > fs->fs_size) + err_suj("Out-of-bounds journal block number %jd\n", + blkrec->jb_blkno); sblk = blk_lookup(blk, 1); /* * Rewrite the record using oldfrags to indicate the offset into
