ext4: fix fencepost error in check for inode count overflow during resize
authorJan Kara <jack@suse.cz>
Fri, 25 May 2018 16:51:25 +0000 (12:51 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Fri, 25 May 2018 16:51:25 +0000 (12:51 -0400)
ext4_resize_fs() has an off-by-one bug when checking whether growing of
a filesystem will not overflow inode count. As a result it allows a
filesystem with 8192 inodes per group to grow to 64TB which overflows
inode count to 0 and makes filesystem unusable. Fix it.

Cc: stable@vger.kernel.org
Fixes: 3f8a6411fbada1fa482276591e037f3b1adcf55b
Reported-by: Jaco Kroon <jaco@uls.co.za>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
fs/ext4/resize.c

index b6bec270a8e48a340d5223e120f50f45429b14c1..d792b7689d92c23234cbc6d3158d75d307d8ba3b 100644 (file)
@@ -1933,7 +1933,7 @@ retry:
                return 0;
 
        n_group = ext4_get_group_number(sb, n_blocks_count - 1);
                return 0;
 
        n_group = ext4_get_group_number(sb, n_blocks_count - 1);
-       if (n_group > (0xFFFFFFFFUL / EXT4_INODES_PER_GROUP(sb))) {
+       if (n_group >= (0xFFFFFFFFUL / EXT4_INODES_PER_GROUP(sb))) {
                ext4_warning(sb, "resize would cause inodes_count overflow");
                return -EINVAL;
        }
                ext4_warning(sb, "resize would cause inodes_count overflow");
                return -EINVAL;
        }