From e96921bcaa059f1c7a5a7b3e3c3b02bb6a008f51 Mon Sep 17 00:00:00 2001
From: Zhang Yu
Date: Thu, 24 Aug 2017 18:38:41 +0800
Subject: [PATCH] Btrfs-progs: print-tree: check num_stripes in print_chunk

[TEST/fuzz] case: 004-simple-dump-tree Since the wrong key(DATA_RELOC_TREE CHUNK_ITEM 0) in root tree, error calling print_chunk(), resulting in num_stripes == 0. ERROR: [TEST/fuzz] 004-simple-dump-tree ctree.h:317: btrfs_chunk_item_size: BUG_ON `num_stripes == 0` triggered, value 1 failed (ignored, ret=134): /myproject/btrfs-progs/btrfs inspect-internal dump-tree /myproject/btrfs-progs/tests/fuzz-tests/images/ bko-155201-wrong-chunk-item-in-root-tree.raw.restored test failed for case 004-simple-dump-tree Makefile:288: recipe for target 'test-fuzz' failed make: *** [test-fuzz] Error 1 So, check on num_stripes in print_chunk

Signed-off-by: Zhang Yu
Signed-off-by: David Sterba
---
 print-tree.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/print-tree.c b/print-tree.c
index c752ba25..6e6b69b8 100644
--- a/print-tree.c
+++ b/print-tree.c
@@ -198,9 +198,17 @@ void print_chunk_item(struct extent_buffer *eb, struct btrfs_chunk *chunk)
 {
 u16 num_stripes = btrfs_chunk_num_stripes(eb, chunk);
 int i;
- u32 chunk_item_size = btrfs_chunk_item_size(num_stripes);
+ u32 chunk_item_size;
 char chunk_flags_str[32] = {0};
 
+ /* The chunk must contain at least one stripe */
+ if (num_stripes < 1) {
+ printf("invalid num_stripes: %u\n", num_stripes);
+ return;
+ }
+
+ chunk_item_size = btrfs_chunk_item_size(num_stripes);
+
 if ((unsigned long)chunk + chunk_item_size > eb->len) {
 printf("\t\tchunk item invalid\n");
 return;
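Review bot: The new zero check still runs after `btrfs_chunk_num_stripes(eb, chunk)` has read the field in the declaration's initializer, and the only range check visible in the hunk (`(unsigned long)chunk + chunk_item_size > eb->len`) comes later, so on a corrupted image the read itself is not shown to be inside the buffer. Unless the accessor bounds-checks internally, which this hunk does not show, a guard such as `if ((unsigned long)chunk + sizeof(struct btrfs_chunk) > eb->len)` before the first field read would close that gap. The added message also lacks the `\t\t` prefix used by the neighbouring "chunk item invalid" line; `printf("\t\tinvalid num_stripes: %u\n", num_stripes);` keeps it aligned under its item in dump-tree output. The body of print_chunk_item continues past the end of the hunk.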