ext4: check inline directory before converting

Before converting an inline directory to a regular directory, check
the directory entries to make sure they're not obviously broken.
This helps us to avoid a BUG_ON if one of the dirents is trashed.
......@@ -571,6 +571,31 @@ static int ext4_release_dir(struct inode *inode, struct file *filp)
return 0;
int ext4_check_all_de(struct inode *dir, struct buffer_head *bh, void *buf,
int buf_size)
struct ext4_dir_entry_2 *de;
int nlen, rlen;
unsigned int offset = 0;
char *top;
de = (struct ext4_dir_entry_2 *)buf;
top = buf + buf_size;
while ((char *) de < top) {
if (ext4_check_dir_entry(dir, NULL, de, bh,
buf, buf_size, offset))
return -EIO;
nlen = EXT4_DIR_REC_LEN(de->name_len);
rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);
de = (struct ext4_dir_entry_2 *)((char *)de + rlen);
offset += rlen;
if ((char *) de > top)
return -EIO;
return 0;
const struct file_operations ext4_dir_operations = {
.llseek = ext4_dir_llseek,
.read = generic_read_dir,
......@@ -2028,6 +2028,8 @@ static inline unsigned char get_dtype(struct super_block *sb, int filetype)
return ext4_filetype_table[filetype];
extern int ext4_check_all_de(struct inode *dir, struct buffer_head *bh,
void *buf, int buf_size);
/* fsync.c */
extern int ext4_sync_file(struct file *, loff_t, loff_t, int);
......@@ -1172,6 +1172,18 @@ static int ext4_convert_inline_data_nolock(handle_t *handle,
if (error < 0)
goto out;
* Make sure the inline directory entries pass checks before we try to
* convert them, so that we avoid touching stuff that needs fsck.
if (S_ISDIR(inode->i_mode)) {
error = ext4_check_all_de(inode, iloc->bh,
inline_size - EXT4_INLINE_DOTDOT_SIZE);
if (error)
goto out;
error = ext4_destroy_inline_data_nolock(handle, inode);
if (error)
goto out;
