• Eric Sandeen's avatar
    [PATCH] reject corrupt swapfiles earlier · 5d1854e1
    Eric Sandeen authored
    The fsfuzzer found this; with a corrupt small swapfile that claims to have
    many pages:
    
      [root]# file swap.741.img
      swap.741.img: Linux/i386 swap file (new style) 1 (4K pages) size 1040191487 pages
      [root]# ls -l swap.741.img
      -rw-r--r-- 1 root root 16777216 Nov 22 05:18 swap.741.img
    
    sys_swapon() will try to vmalloc all those pages, and -then- check to see if
    the file is actually that large:
    
                    if (!(p->swap_map = vmalloc(maxpages * sizeof(short)))) {
      <snip>
            if (swapfilesize && maxpages > swapfilesize) {
                    printk(KERN_WARNING
                           "Swap area shorter than signature indicates\n");
    
    It seems to me that it would make more sense to move this test up before
    the vmalloc, with the other checks, to avoid the OOM-killer in this
    situation...
    Signed-off-by: default avatarEric Sandeen <sandeen@redhat.com>
    Cc: Hugh Dickins <hugh@veritas.com>
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    5d1854e1
swapfile.c 43.2 KB