GNU bug report logs - #76648
Crash trying to parse nilfs2 superblock


Package: parted

Reported by: "Butenko, Anton" <abutenko <at> akamai.com>

Date: Fri, 28 Feb 2025 17:37:03 UTC

Severity: normal

Done: "Brian C. Lane" <bcl <at> redhat.com>



Message #8 received at 76648 <at> debbugs.gnu.org (full text, mbox):

From: "Butenko, Anton" <abutenko <at> akamai.com>
To: "76648 <at> debbugs.gnu.org" <76648 <at> debbugs.gnu.org>
Subject: bug#76648: [PATCH] Crash trying to parse nilfs2 superblock
Date: Fri, 28 Feb 2025 18:15:10 +0000
Sorry,

missed the attachment in the bug report.
Here it is.

Regards,
Anton Butenko


From: bug-parted-bounces+abutenko=akamai.com <at> gnu.org <bug-parted-bounces+abutenko=akamai.com <at> gnu.org> on behalf of Butenko, Anton via Bug reports for the GNU Parted disk partition editor <bug-parted <at> gnu.org>
Date: Friday, February 28, 2025 at 7:38 PM
To: 76648 <at> debbugs.gnu.org <76648 <at> debbugs.gnu.org>
Subject: bug#76648: Crash trying to parse nilfs2 superblock
Hello,

I was checking how good the fix of

https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34392
“Avoid sigsegv in case 2nd nilfs2 superblock magic accidently found.”
is in systemd, libblkid and parted, and found a slight possibility of a crash in parted related to the changes in the referred bug.
The parted fix includes a chance to crash in the case of a nilfs2 superblock having a correct magic but a corrupted “bytes” field (value in range from 12 to 20).

I’ve modified the code to avoid the sigsegv and align implementation with the libblkid implementation:
https://github.com/util-linux/util-linux/commit/ac681a310c32319423297544833932f4d689a7a2
And modified t4301-nilfs2-badsb2.sh test code to trigger this case as well as the previously reported one.

I've attached a patch with my modifications. Can you, please, look at it?

Regards,
Anton Butenko
[0001-Fixed-possible-sigsegv-in-case-of-corrupted-nilfs2-s.patch (application/octet-stream, attachment)]
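
The failure mode described in the report, as an added example that is not part of the original message or the attached patch: a length field smaller than the checksum's start offset makes the unsigned tail length wrap, so the validator has to bound the "bytes" field on both sides before computing the CRC. The field offsets (taken from the Linux nilfs2 on-disk header), the 1024-byte read size, the bitwise CRC stand-in and all function names are assumptions of this example.

```c
#include <stdint.h>
#include <string.h>
/* Offsets follow the Linux nilfs2 on-disk header (an assumption of this example). */
enum { OFF_MAGIC = 6, OFF_BYTES = 8, OFF_SEED = 12, OFF_SUM = 16,
       CRC_START = OFF_SUM + 4, SB_READ_SIZE = 1024, NILFS2_MAGIC = 0x3434 };

static uint32_t le(const unsigned char *p, int n) {   /* little-endian load */
    uint32_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}
/* Plain bitwise CRC-32, a stand-in for parted's own CRC routine. */
static uint32_t crc32_le(uint32_t crc, const unsigned char *p, size_t len) {
    while (len--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return crc;
}
/* Tail length an unchecked parser hands to the CRC; wraps when bytes < 20. */
size_t unchecked_tail_len(uint16_t bytes) { return (size_t)bytes - CRC_START; }
/* Returns 1 only if magic, length field and checksum are all consistent. */
int nilfs2_sb_valid(const unsigned char *sb) {
    static const unsigned char zero_sum[4];
    if (le(sb + OFF_MAGIC, 2) != NILFS2_MAGIC) return 0;
    size_t bytes = le(sb + OFF_BYTES, 2);
    if (bytes < CRC_START || bytes > SB_READ_SIZE) return 0;  /* both bounds */
    uint32_t crc = crc32_le(le(sb + OFF_SEED, 4), sb, OFF_SUM);
    crc = crc32_le(crc, zero_sum, 4);              /* s_sum is hashed as zero */
    crc = crc32_le(crc, sb + CRC_START, bytes - CRC_START);
    return crc == le(sb + OFF_SUM, 4);
}
/* Constructed sample: filler bytes behind a self-consistent header. */
void make_sample_sb(unsigned char *sb, uint16_t bytes) {
    memset(sb, 0xA5, SB_READ_SIZE);
    sb[OFF_MAGIC] = sb[OFF_MAGIC + 1] = 0x34;
    sb[OFF_BYTES] = bytes & 0xff; sb[OFF_BYTES + 1] = bytes >> 8;
    memset(sb + OFF_SUM, 0, 4);
    uint32_t crc = crc32_le(le(sb + OFF_SEED, 4), sb, bytes);
    for (int i = 0; i < 4; i++) sb[OFF_SUM + i] = (crc >> (8 * i)) & 0xff;
}
int main(void) {
    unsigned char sb[SB_READ_SIZE];
    make_sample_sb(sb, 280);
    int ok = nilfs2_sb_valid(sb);                 /* intact header: 1 */
    sb[OFF_BYTES] = 16; sb[OFF_BYTES + 1] = 0;    /* corrupt s_bytes only */
    return !(ok && !nilfs2_sb_valid(sb));         /* exit 0 when rejected */
}
```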

This bug report was last modified 19 days ago.
