[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#12656: WG: Re[4]: bug#12656: cp since 8.11 corrupts files
From: |
Bernhard Voelker |
Subject: |
bug#12656: WG: Re[4]: bug#12656: cp since 8.11 corrupts files |
Date: |
Sun, 21 Oct 2012 11:41:20 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120825 Thunderbird/15.0 |
On 10/17/2012 10:44 AM, Jim Meyering wrote:
> From a5365003c88f4fce6293827c13f90acd0b5bd0cc Mon Sep 17 00:00:00 2001
> From: Jim Meyering <address@hidden>
> Date: Tue, 16 Oct 2012 17:43:49 +0200
> Subject: [PATCH] cp: avoid data-corrupting free-memory-read
>
> * src/extent-scan.c (extent_scan_read): Reset our last_ei
> pointer whenever the parent buffer might have just been freed.
> * tests/cp/fiemap-extent-FMR.sh: New test.
> * tests/local.mk (all_tests): Add it.
> * NEWS (Bug fixes): Mention it.
> Reported by Mike Gerth in http://bugs.gnu.org/12656, and with
> help from Alan Curry. Bug introduced in commit v8.10-60-g18f5a85.
> ---
> NEWS | 4 ++++
> src/extent-scan.c | 12 +++++++++---
> tests/cp/fiemap-FMR.sh | 31 +++++++++++++++++++++++++++++++
> tests/local.mk | 1 +
> 4 files changed, 45 insertions(+), 3 deletions(-)
> create mode 100755 tests/cp/fiemap-FMR.sh
>
> diff --git a/NEWS b/NEWS
> index aff5bf1..46ce698 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -12,6 +12,10 @@ GNU coreutils NEWS -*-
> outline -*-
>
> ** Bug fixes
>
> + cp could read from freed memory and could even make corrupt copies.
> + This could happen only with a very fragmented input file and when using
> + its FIEMAP/extent-based copying code. [bug introduced in coreutils-8.11]
As the bug is in extent-scan.c, doesn't it also affect mv (and ginstall)?
In src/local.mk:
copy_sources = \
src/copy.c \
src/cp-hash.c \
src/extent-scan.c \
src/extent-scan.h
...
src_ginstall_SOURCES = src/install.c src/prog-fprintf.c $(copy_sources)
...
src_cp_SOURCES = src/cp.c $(copy_sources)
...
src_mv_SOURCES = src/mv.c src/remove.c $(copy_sources)
Have a nice day,
Berny
bug#12656: WG: Re[4]: bug#12656: cp since 8.11 corrupts files, m . gerth, 2012/10/16