Date:      Sun, 24 Dec 1995 16:08:18 +0900
From:      KATO Takenori <kato@eclogite.eps.nagoya-u.ac.jp>
To:        current@freebsd.org
Subject:   return value of ffs_blkpref()
Message-ID:  <199512240708.QAA00452@marble.eps.nagoya-u.ac.jp>

The return value of ffs_blkpref() is checked in most cases like
	if (pref >= fs->fs_size)
		pref = 0;
to avoid miserable destruction of the file system (cf. the ffs_alloc()
function).

However, the value set in ffs_reallocblks() has never been checked. 

In this function, the value is set by

	[line 397 in ffs_alloc.c]
	pref = ffs_blkpref(ip, start_lbn, soff, sbap);

Then, the pref variable is used by

	[line 416 in ffs_alloc.c]
	if ((newblk = (daddr_t)ffs_hashalloc(ip, dtog(fs, pref), (long)pref,
	    len, ffs_clusteralloc)) == 0)

The ffs_hashalloc function calls ffs_clusteralloc() at

	[line 704 in ffs_alloc.c]
	result = (*allocater)(ip, cg, pref, size);

But ffs_clusteralloc doesn't check whether pref is correct or not.

Why doesn't this function test pref though other functions do?  I
think this may clobber the file system when pref points to a
non-existent block in the last cylinder group.

----
KATO Takenori
Dept. Earth Planet. Sci. Nagoya Univ.  Nagoya 464-01
Voice: +81-52-789-2529   E-mail: kato@eclogite.eps.nagoya-u.ac.jp
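
Added example, not part of the original message and not FreeBSD source: a simplified C model of the concern raised above, showing that a preference past the end of a partial last cylinder group still maps to a valid group number, so only the fs_size comparison rejects it. The struct toy_fs, its geometry and all helper names are constructed for illustration; only the `pref >= fs->fs_size` clamp comes from the message.

```c
#include <stdio.h>

/* Hypothetical, simplified stand-in for the superblock fields involved. */
struct toy_fs {
	long fs_size;	/* total number of blocks in the file system */
	long fs_fpg;	/* blocks per cylinder group */
	long fs_ncg;	/* number of cylinder groups */
};

/* Same idea as dtog(): map a block number to its cylinder group. */
static long toy_dtog(const struct toy_fs *fs, long d)
{
	return d / fs->fs_fpg;
}

/* A check on the group number alone; not sufficient by itself. */
static int cg_in_range(const struct toy_fs *fs, long pref)
{
	return toy_dtog(fs, pref) < fs->fs_ncg;
}

/* The clamp quoted in the message: discard a preference past the end. */
static long clamp_pref(const struct toy_fs *fs, long pref)
{
	if (pref >= fs->fs_size)
		pref = 0;
	return pref;
}

/* Constructed geometry: 4 groups of 1024 blocks, the last one holding
 * only 100 blocks, so valid block numbers are 0 .. 3171. */
static const struct toy_fs demo_fs = { 3 * 1024 + 100, 1024, 4 };

int main(void)
{
	long bad = 3 * 1024 + 500;	/* inside group 3's range, past fs_size */

	printf("pref=%ld cg=%ld cg_in_range=%d clamped=%ld\n", bad,
	    toy_dtog(&demo_fs, bad), cg_in_range(&demo_fs, bad),
	    clamp_pref(&demo_fs, bad));
	return 0;
}
```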


