Fix panic when loading an invalid superblock

nicholasbishop · nicholasbishop · commit 8261309bed30 · 2024-11-14T09:20:13.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## Unreleased
+
+* Fixed a panic when loading an invalid superblock.
+
 ## 0.6.0
 
 * MSRV increased to `1.81`.
diff --git a/src/error.rs b/src/error.rs
@@ -154,6 +154,9 @@ pub enum Corrupt {
     /// Superblock checksum is invalid.
     SuperblockChecksum,
 
+    /// The block size in the superblock is invalid.
+    InvalidBlockSize,
+
     /// The number of block groups does not fit in a [`u32`].
     TooManyBlockGroups,
 
@@ -232,6 +235,7 @@ impl Display for Corrupt {
             Self::SuperblockChecksum => {
                 write!(f, "invalid superblock checksum")
             }
+            Self::InvalidBlockSize => write!(f, "invalid block size"),
             Self::TooManyBlockGroups => write!(f, "too many block groups"),
             Self::BlockGroupDescriptor(block_group_num) => {
                 write!(f, "block group descriptor {block_group_num} is invalid")
diff --git a/src/superblock.rs b/src/superblock.rs
@@ -65,7 +65,8 @@ impl Superblock {
 
         let blocks_count = u64_from_hilo(s_blocks_count_hi, s_blocks_count_lo);
 
-        let block_size = 2u32.pow(10 + s_log_block_size);
+        let block_size = calc_block_size(s_log_block_size)
+            .ok_or(Ext4Error::Corrupt(Corrupt::InvalidBlockSize))?;
 
         if s_magic != 0xef53 {
             return Err(Ext4Error::Corrupt(Corrupt::SuperblockMagic));
@@ -132,6 +133,11 @@ impl Superblock {
     }
 }
 
+fn calc_block_size(s_log_block_size: u32) -> Option<u32> {
+    let exp = s_log_block_size.checked_add(10)?;
+    2u32.checked_pow(exp)
+}
+
 fn check_incompat_features(
     s_feature_incompat: u32,
 ) -> Result<IncompatibleFeatures, Incompatible> {
diff --git a/test_data/not_ext4.bin b/test_data/not_ext4.bin
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e2040d8cde75222a96eecd1e066e546cc0dd51435cdf5897e0d7379b6d6409b8
+size 1024
diff --git a/tests/integration/ext4.rs b/tests/integration/ext4.rs
@@ -76,6 +76,24 @@ fn test_load_path_error() {
     ));
 }
 
+/// Test that loading the data from
+/// https://github.com/nicholasbishop/ext4-view-rs/issues/280 does not
+/// panic.
+#[test]
+fn test_invalid_ext4_data() {
+    // Fill in zeros for the first 1024 bytes, then add the test data.
+    let mut data = vec![0; 1024];
+    data.extend(include_bytes!("../../test_data/not_ext4.bin"));
+
+    assert_eq!(
+        *Ext4::load(Box::new(data))
+            .unwrap_err()
+            .as_corrupt()
+            .unwrap(),
+        Corrupt::InvalidBlockSize
+    );
+}
+
 #[test]
 fn test_canonicalize() {
     let fs = load_test_disk1();

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:e2040d8cde75222a96eecd1e066e546cc0dd51435cdf5897e0d7379b6d6409b8`
	`3`	`+size 1024`