[PATCH] XFS ftruncate() bug could expose stale data (CVE-2006-0554)

This is CVE-2006-0554 and SGI bug 942658.  With certain types of
ftruncate() activity on 2.6 kernels, XFS can end up exposing stale
data off disk to a user, putting extents where holes should be.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>

diff --git a/fs/xfs/linux-2.6/xfs_aops.c b/fs/xfs/linux-2.6/xfs_aops.c
index 94d3cdfbf9b8054a502b976fb8c7825837bbf85c..c4ac008a52017e71afbd77f3f5d4b0f89a5ee642 100644 (file)
--- a/fs/xfs/linux-2.6/xfs_aops.c
+++ b/fs/xfs/linux-2.6/xfs_aops.c
@@ -385,7 +385,7 @@ xfs_probe_unmapped_cluster(
 
        /* First sum forwards in this page */
        do {
-               if (buffer_mapped(bh))
+               if (buffer_mapped(bh) || !buffer_uptodate(bh))
                        break;
                total += bh->b_size;
        } while ((bh = bh->b_this_page) != head);