Commit 817794e0 authored by Kirill Kuvaldin's avatar Kirill Kuvaldin Committed by Linus Torvalds

isofs: mounting to regular file may succeed

It turned out that mounting a corrupted ISO image to a regular file may
succeed, e.g.  if an image was prepared as follows:

$ dd if=correct.iso of=bad.iso bs=4k count=8

We then can mount it to a regular file:

# mount -o loop -t iso9660 bad.iso /tmp/file

But mounting it to a directory fails with -ENOTDIR, simply because
the root directory inode doesn't have S_IFDIR set and the condition
in graft_tree() is met:

	if (S_ISDIR(nd->dentry->d_inode->i_mode) !=
	      S_ISDIR(mnt->mnt_root->d_inode->i_mode))
		return -ENOTDIR

This is because the root directory inode was read from an incorrect
block. It's supposed to be read from sbi->s_firstdatazone, which is
an absolute value and gets messed up in the case of an incorrect image.

In order to somehow circumvent this we have to check that the root
directory inode is actually a directory after all.
Signed-off-by: default avatarKirill Kuvaldin <kuvkir@epsmu.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 541510fc
...@@ -846,6 +846,15 @@ root_found: ...@@ -846,6 +846,15 @@ root_found:
goto out_no_root; goto out_no_root;
if (!inode->i_op) if (!inode->i_op)
goto out_bad_root; goto out_bad_root;
/* Make sure the root inode is a directory */
if (!S_ISDIR(inode->i_mode)) {
printk(KERN_WARNING
"isofs_fill_super: root inode is not a directory. "
"Corrupted media?\n");
goto out_iput;
}
/* get the root dentry */ /* get the root dentry */
s->s_root = d_alloc_root(inode); s->s_root = d_alloc_root(inode);
if (!(s->s_root)) if (!(s->s_root))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment