From 64027e375cc15a09ecf05638e04cc475d3b81aee Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Sun, 7 Feb 2010 22:02:46 +0000 Subject: [PATCH] * Sun Feb 07 2010 Eric Sandeen 1.41.9-10 - Upstream version of resize2fs array fix, original was wrong --- e2fsprogs-1.41.9-resize-array.patch | 76 ++++++++++++++++------------- e2fsprogs.spec | 5 +- 2 files changed, 47 insertions(+), 34 deletions(-) diff --git a/e2fsprogs-1.41.9-resize-array.patch b/e2fsprogs-1.41.9-resize-array.patch index e6aecf8..3c2e022 100644 --- a/e2fsprogs-1.41.9-resize-array.patch +++ b/e2fsprogs-1.41.9-resize-array.patch @@ -1,38 +1,48 @@ -Index: e2fsprogs-1.41.9/resize/resize2fs.c -=================================================================== ---- e2fsprogs-1.41.9.orig/resize/resize2fs.c -+++ e2fsprogs-1.41.9/resize/resize2fs.c -@@ -1818,9 +1818,6 @@ static errcode_t ext2fs_calculate_summar - fs->group_desc[group].bg_free_blocks_count = +commit 40b09fbe01fac8722b699b29f796e18550d68c84 +Author: Theodore Ts'o +Date: Fri Feb 5 22:25:03 2010 -0500 + + resize2fs: Fix fix uninit group test accessing invalid memory + + Commit 74128f8 added tests for uninit groups, but it could access past + the end of the group_desc[] array after processing the last group: + + ==19668== Invalid read of size 2 + ==19668== at 0x40518C: resize_fs (resize2fs.c:1824) + ==19668== by 0x405A46: main (main.c:451) + ==19668== Address 0x5a0d002 is not stack'd, malloc'd or (recently) free'd + ==19668== + ==19668== Invalid read of size 2 + ==19668== at 0x405391: resize_fs (resize2fs.c:1864) + ==19668== by 0x405A46: main (main.c:451) + ==19668== Address 0x5a0d002 is not stack'd, malloc'd or (recently) free'd + ==19668== + + It was found by Eric Sandeen running the regression suite through + valgrind. + + 
Signed-off-by: "Theodore Ts'o" + +diff --git a/resize/resize2fs.c b/resize/resize2fs.c +index 75c4721..346fd53 100644 +--- a/resize/resize2fs.c ++++ b/resize/resize2fs.c +@@ -1819,6 +1819,8 @@ static errcode_t ext2fs_calculate_summary_stats(ext2_filsys fs) group_free; ext2fs_group_desc_csum_set(fs, group); -- group++; -- count = 0; -- group_free = 0; - uninit = (fs->group_desc[group].bg_flags & - EXT2_BG_BLOCK_UNINIT); - ext2fs_super_and_bgd_loc(fs, group, &super_blk, -@@ -1832,6 +1829,9 @@ static errcode_t ext2fs_calculate_summar - else - old_desc_blocks = fs->desc_blocks + - fs->super->s_reserved_gdt_blocks; -+ group++; -+ count = 0; -+ group_free = 0; - } - } - fs->super->s_free_blocks_count = total_free; -@@ -1858,11 +1858,11 @@ static errcode_t ext2fs_calculate_summar - fs->group_desc[group].bg_free_inodes_count = - group_free; - ext2fs_group_desc_csum_set(fs, group); -+ uninit = (fs->group_desc[group].bg_flags & -+ EXT2_BG_INODE_UNINIT); group++; ++ if (group >= fs->group_desc_count) ++ break; count = 0; group_free = 0; -- uninit = (fs->group_desc[group].bg_flags & -- EXT2_BG_INODE_UNINIT); - } - } - fs->super->s_free_inodes_count = total_free; + uninit = (fs->group_desc[group].bg_flags & +@@ -1859,6 +1861,8 @@ static errcode_t ext2fs_calculate_summary_stats(ext2_filsys fs) + group_free; + ext2fs_group_desc_csum_set(fs, group); + group++; ++ if (group >= fs->group_desc_count) ++ break; + count = 0; + group_free = 0; + uninit = (fs->group_desc[group].bg_flags & + diff --git a/e2fsprogs.spec b/e2fsprogs.spec index 0a414de..8acc6eb 100644 --- a/e2fsprogs.spec +++ b/e2fsprogs.spec @@ -4,7 +4,7 @@ Summary: Utilities for managing ext2, ext3, and ext4 filesystems Name: e2fsprogs Version: 1.41.9 -Release: 9%{?dist} +Release: 10%{?dist} # License tags based on COPYING file distinctions for various components License: GPLv2 
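Review bot: The two added guards `if (group >= fs->group_desc_count) break;` in ext2fs_calculate_summary_stats (the block-count loop at the `@@ -1819` hunk and the inode-count loop at the `@@ -1859` hunk of the embedded resize2fs.c patch) have no comment saying that they stop the loop before `fs->group_desc[group].bg_flags` is read one element past the array. I would put `/* last group done: group_desc[group] would be past the end of the array */` above each, so that a later reordering does not move the `uninit` read back above the check. The guard only helps if `fs->group_desc_count` matches the allocated length of `group_desc[]`; that is not visible in this hunk and presumably holds, but it is worth confirming for a filesystem whose superblock counts are inconsistent. Both loops and the function body continue outside the hunk.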
@@ -317,6 +317,9 @@ exit 0 %{_libdir}/pkgconfig/ss.pc %changelog +* Sun Feb 07 2010 Eric Sandeen 1.41.9-10 +- Upstream version of resize2fs array fix, original was wrong + * Sat Jan 23 2010 Eric Sandeen 1.41.9-9 - Fix up stray output & re-enable make check - Fix dlopen issues for newer libreadline