[PATCH] don't divide by 0 when trying to mount ext3

From: Andries Brouwer
Date: Mon Nov 08 2004 - 15:02:54 EST


Not surprisingly, the ext3 code crashes in the same way
the ext2 code does when dividing by zero.

diff -uprN -X /linux/dontdiff a/fs/ext3/super.c b/fs/ext3/super.c
--- a/fs/ext3/super.c 2004-10-30 21:44:02.000000000 +0200
+++ b/fs/ext3/super.c 2004-11-08 20:55:30.000000000 +0100
@@ -1259,13 +1259,8 @@ static int ext3_fill_super (struct super
es = (struct ext3_super_block *) (((char *)bh->b_data) + offset);
sbi->s_es = es;
sb->s_magic = le16_to_cpu(es->s_magic);
- if (sb->s_magic != EXT3_SUPER_MAGIC) {
- if (!silent)
- printk(KERN_ERR
- "VFS: Can't find ext3 filesystem on dev %s.\n",
- sb->s_id);
- goto failed_mount;
- }
+ if (sb->s_magic != EXT3_SUPER_MAGIC)
+ goto cantfind_ext3;

/* Set defaults before we parse the mount options */
def_mount_opts = le32_to_cpu(es->s_default_mount_opts);
@@ -1397,8 +1392,13 @@ static int ext3_fill_super (struct super
sbi->s_blocks_per_group = le32_to_cpu(es->s_blocks_per_group);
sbi->s_frags_per_group = le32_to_cpu(es->s_frags_per_group);
sbi->s_inodes_per_group = le32_to_cpu(es->s_inodes_per_group);
+ if (EXT3_INODE_SIZE(sb) == 0)
+ goto cantfind_ext3;
sbi->s_inodes_per_block = blocksize / EXT3_INODE_SIZE(sb);
- sbi->s_itb_per_group = sbi->s_inodes_per_group /sbi->s_inodes_per_block;
+ if (sbi->s_inodes_per_block == 0)
+ goto cantfind_ext3;
+ sbi->s_itb_per_group = sbi->s_inodes_per_group /
+ sbi->s_inodes_per_block;
sbi->s_desc_per_block = blocksize / sizeof(struct ext3_group_desc);
sbi->s_sbh = bh;
sbi->s_mount_state = le16_to_cpu(es->s_state);
@@ -1427,6 +1427,8 @@ static int ext3_fill_super (struct super
goto failed_mount;
}

+ if (EXT3_BLOCKS_PER_GROUP(sb) == 0)
+ goto cantfind_ext3;
sbi->s_groups_count = (le32_to_cpu(es->s_blocks_count) -
le32_to_cpu(es->s_first_data_block) +
EXT3_BLOCKS_PER_GROUP(sb) - 1) /
@@ -1579,6 +1581,12 @@ static int ext3_fill_super (struct super

return 0;

+cantfind_ext3:
+ if (!silent)
+ printk(KERN_ERR "VFS: Can't find ext3 filesystem on dev %s.\n",
+ sb->s_id);
+ goto failed_mount;
+
failed_mount3:
journal_destroy(sbi->s_journal);
failed_mount2:
@@ -1588,10 +1596,8 @@ failed_mount2:
kfree(sbi->s_group_desc);
failed_mount:
#ifdef CONFIG_QUOTA
- for (i = 0; i < MAXQUOTAS; i++) {
- if (sbi->s_qf_names[i])
- kfree(sbi->s_qf_names[i]);
- }
+ for (i = 0; i < MAXQUOTAS; i++)
+ kfree(sbi->s_qf_names[i]);
#endif
ext3_blkdev_remove(sbi);
brelse(bh);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/