Filesystem specific information in inode overwritten

Mikulas Patocka (mikulas@artax.karlin.mff.cuni.cz)
Thu, 4 Feb 1999 20:36:00 +0100 (CET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Geoffrey Hardy: "Re: adaptec ava-1505 card"
Previous message: Tom Sightler: "Re: Cx486SRx2 (Re: cx5x86mod)"

Look at unit 'u' in inode structure in fs.h
You see that pipe_inode_info and socket share space with filesystem
specific information.

Now, the problem:
You create pipe or socket and use it. Then you chmod or chown it.
VFS functions notify_change and write_inode are called. These functions
expect filesystem information in union u, but it was overwritten.

On ext2 and ufs it doesn't cause trouble because only __u32 i_data[15] is
overwritten and it's not used in pipes and sockets. But if someone swaps
items in ext2_inode_info or if pipe_inode_info grows to more than 60
bytes, inode will be corrupted.

On my r/w HPFS it causes problems.

Mikulas Patocka

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Geoffrey Hardy: "Re: adaptec ava-1505 card"
Previous message: Tom Sightler: "Re: Cx486SRx2 (Re: cx5x86mod)"