2005-10-07 04:42:46

by Simon Horman

Subject: Re: [PATCH] hfs, hfsplus: don't leak s_fs_info and fix an oops

I have been looking over CAN-2005-3109, better known as
the hfs, hfsplus leak and oops, and I am wondering if the
problem is present in 2.4.

I took a look at making a backport, and it seems that
some of the problems are there, but without a deeper inspection
of the code it's difficult to tell if the problems manifest or not.

For reference, here is the 2.6 variant of the change:
http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f

I can further my backport effort and post it for inspection if need be.

--
Horms


2005-10-07 07:10:38

by Colin Leroy

Subject: Re: [PATCH] hfs, hfsplus: don't leak s_fs_info and fix an oops

On 07 Oct 2005 at 13h10, Horms wrote:

Hi,

> I took a look at making a backport, and it seems that
> some of the problems are there, but without a deeper inspection
> of the code it's difficult to tell if the problems manifest or not.

That was easy to get the oops:

$ dd if=/dev/zero of=im_not_hfsplus count=10 #for example
$ mkdir test_dir
$ sudo mount -o loop -t hfsplus ./im_not_hfsplus ./test_dir
$ dmesg

--
Colin

2005-10-07 07:34:15

by Simon Horman [Horms]

Subject: Re: [PATCH] hfs, hfsplus: don't leak s_fs_info and fix an oops

On Fri, Oct 07, 2005 at 09:10:05AM +0200, Colin Leroy wrote:
> On 07 Oct 2005 at 13h10, Horms wrote:
>
> Hi,
>
> > I took a look at making a backport, and it seems that
> > some of the problems are there, but without a deeper inspection
> > of the code it's difficult to tell if the problems manifest or not.
>
> That was easy to get the oops:
>
> $ dd if=/dev/zero of=im_not_hfsplus count=10 #for example
> $ mkdir test_dir
> $ sudo mount -o loop -t hfsplus ./im_not_hfsplus ./test_dir
> $ dmesg

Silly me, I should have thought of that :-)

--
Horms

2005-11-29 04:16:41

by Simon Horman

Subject: Re: [PATCH] hfs, hfsplus: don't leak s_fs_info and fix an oops

On Fri, Oct 07, 2005 at 09:10:05AM +0200, Colin Leroy wrote:
> On 07 Oct 2005 at 13h10, Horms wrote:
>
> Hi,
>
> > I took a look at making a backport, and it seems that
> > some of the problems are there, but without a deeper inspection
> > of the code it's difficult to tell if the problems manifest or not.
>
> That was easy to get the oops:
>
> $ dd if=/dev/zero of=im_not_hfsplus count=10 #for example
> $ mkdir test_dir
> $ sudo mount -o loop -t hfsplus ./im_not_hfsplus ./test_dir
> $ dmesg

After an extended delay I have been able to confirm that the above
commands do not cause 2.4 (Debian's 2.4.27) to do anything unusual.

Mount just reports:
mount: wrong fs type, bad option, bad superblock on /dev/loop0,
or too many mounted file systems

And there is nothing exciting in dmesg:
loop: loaded (max 8 devices)
HFS+-fs: unable to find HFS+ superblock
HFS+-fs: unable to find HFS+ superblock
HFS+-fs: unable to find HFS+ superblock

Thus it seems that 2.4 does not suffer from this bug.

--
Horms