+++ /dev/null
-# HG changeset patch
-# User tytso@mit.edu
-# Date Mon Jul 4 17:53:36 2005
-# Node ID 0502b63a5be9cb490c0c9086fa05edc1b1712a78
-# parent: cfa81ec1f92f63b70060bc4340e830adc635c8c4
-[BUGFIX]: E2fsck will segfault on disconnected inode with extended attribute(s)
-
-This was actually caused by two bugs. The first bug is that if the
-inode has been fully fixed up, the code will attempt to remove the
-inode from the inode_bad_map without checking to see if this bitmap is
-present. Since it is cleared at the end of pass 2, if
-e2fsck_process_bad_inode is called in pass 4 (as it is for
-disconnected inodes), this would result in a core dump.
-
-The first bug was mostly hidden by a second bug, which caused
-e2fsck_process_bad_inode() to consider all inodes without an extended
-attribute to be not fixed.
-
-Note: This bug was introduced in e2fsprogs 1.36.
-
-(Addresses Debian Bug: #316736)
-
-
-
---- a/e2fsck/ChangeLog Mon Jul 4 17:24:40 2005
-+++ b/e2fsck/ChangeLog Mon Jul 4 17:53:36 2005
-@@ -1,3 +1,19 @@
-+2005-07-04 Theodore Ts'o <tytso@mit.edu>
-+
-+ * pass2.c (e2fsck_process_bad_inode): Fixed bug which could cause
-+ e2fsck to core dump if a disconnected inode contained an
-+ extended attribute. This was actually caused by two bugs.
-+ The first bug is that if the inode has been fully fixed
-+ up, the code will attempt to remove the inode from the
-+ inode_bad_map without checking to see if this bitmap is
-+ present. Since it is cleared at the end of pass 2, if
-+ e2fsck_process_bad_inode is called in pass 4 (as it is for
-+ disconnected inodes), this would result in a core dump.
-+ This bug was mostly hidden by a second bug, which caused
-+ e2fsck_process_bad_inode() to consider all inodes without
-+ an extended attribute to be not fixed. (Addresses Debian
-+ Bug: #316736)
-+
- 2006-06-30 Theodore Ts'o <tytso@mit.edu>
-
- * Release of E2fsprogs 1.38
---- a/e2fsck/pass2.c Mon Jul 4 17:24:40 2005
-+++ b/e2fsck/pass2.c Mon Jul 4 17:53:36 2005
-@@ -1184,27 +1184,29 @@
- pctx.inode = &inode;
-
- if (inode.i_file_acl &&
-- !(fs->super->s_feature_compat & EXT2_FEATURE_COMPAT_EXT_ATTR) &&
-- fix_problem(ctx, PR_2_FILE_ACL_ZERO, &pctx)) {
-- inode.i_file_acl = 0;
-+ !(fs->super->s_feature_compat & EXT2_FEATURE_COMPAT_EXT_ATTR)) {
-+ if (fix_problem(ctx, PR_2_FILE_ACL_ZERO, &pctx)) {
-+ inode.i_file_acl = 0;
- #ifdef EXT2FS_ENABLE_SWAPFS
-- /*
-- * This is a special kludge to deal with long symlinks
-- * on big endian systems. i_blocks had already been
-- * decremented earlier in pass 1, but since i_file_acl
-- * hadn't yet been cleared, ext2fs_read_inode()
-- * assumed that the file was short symlink and would
-- * not have byte swapped i_block[0]. Hence, we have
-- * to byte-swap it here.
-- */
-- if (LINUX_S_ISLNK(inode.i_mode) &&
-- (fs->flags & EXT2_FLAG_SWAP_BYTES) &&
-- (inode.i_blocks == fs->blocksize >> 9))
-- inode.i_block[0] = ext2fs_swab32(inode.i_block[0]);
-+ /*
-+ * This is a special kludge to deal with long
-+ * symlinks on big endian systems. i_blocks
-+ * had already been decremented earlier in
-+ * pass 1, but since i_file_acl hadn't yet
-+ * been cleared, ext2fs_read_inode() assumed
-+ * that the file was short symlink and would
-+ * not have byte swapped i_block[0]. Hence,
-+ * we have to byte-swap it here.
-+ */
-+ if (LINUX_S_ISLNK(inode.i_mode) &&
-+ (fs->flags & EXT2_FLAG_SWAP_BYTES) &&
-+ (inode.i_blocks == fs->blocksize >> 9))
-+ inode.i_block[0] = ext2fs_swab32(inode.i_block[0]);
- #endif
-- inode_modified++;
-- } else
-- not_fixed++;
-+ inode_modified++;
-+ } else
-+ not_fixed++;
-+ }
-
- if (!LINUX_S_ISDIR(inode.i_mode) && !LINUX_S_ISREG(inode.i_mode) &&
- !LINUX_S_ISCHR(inode.i_mode) && !LINUX_S_ISBLK(inode.i_mode) &&
-@@ -1302,7 +1304,7 @@
-
- if (inode_modified)
- e2fsck_write_inode(ctx, ino, &inode, "process_bad_inode");
-- if (!not_fixed)
-+ if (!not_fixed && ctx->inode_bad_map)
- ext2fs_unmark_inode_bitmap(ctx->inode_bad_map, ino);
- return 0;
- }
-