Bug 1115890

Summary: tar: SIGSEGV due to infinite symlink directory loop
Product: [Fedora] Fedora Reporter: Jay Elem <fiver22>
Component: tarAssignee: Ondrej Dubaj <odubaj>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: ccovingt, kdudka, odubaj, ovasik, panovotn, praiskup, rracicot
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/5039e0b140034889c3d4373b908f6f0822de308d
Whiteboard: abrt_hash:20d7dcaeeb59b3303ae9129f38a000c105843d08
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-07 07:25:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description Jay Elem 2014-07-03 09:41:50 UTC 
Version-Release number of selected component:
tar-1.26-31.fc20

Additional info:
reporter:       libreport-2.2.2
backtrace_rating: 4
cmdline:        tar cfj /run/media/fiver22/BackUp_ONLY/Backup-sysBckup-2014-07-02_01-00.tar.bz2 -h /bin /boot /dev /etc /home /lib /lib64 /lost+found /media /mnt /opt /proc /root /run /sbin /srv /sys /tmp /usr /var '/tmp/rpm - Package list - tmpARy1NI.txt'
crash_function: dump_file0
executable:     /usr/bin/tar
kernel:         3.14.8-200.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 dump_file0 at create.c:1653
 #1 dump_file at create.c:1959
 #2 dump_dir0 at create.c:1219
 #3 dump_dir at create.c:1312
 #4 dump_file0 at create.c:1756
 #5 dump_file at create.c:1959
 #6 dump_dir0 at create.c:1219
 #7 dump_dir at create.c:1312
 #8 dump_file0 at create.c:1756
 #9 dump_file at create.c:1959
Comment 1 Jay Elem 2014-07-03 09:42:56 UTC 
Created attachment 914426 [details]
File: backtrace
Comment 2 Jay Elem 2014-07-03 09:43:01 UTC 
Created attachment 914427 [details]
File: cgroup
Comment 3 Jay Elem 2014-07-03 09:43:13 UTC 
Created attachment 914428 [details]
File: core_backtrace
Comment 4 Jay Elem 2014-07-03 09:43:17 UTC 
Created attachment 914429 [details]
File: dso_list
Comment 5 Jay Elem 2014-07-03 09:43:21 UTC 
Created attachment 914430 [details]
File: environ
Comment 6 Jay Elem 2014-07-03 09:43:25 UTC 
Created attachment 914431 [details]
File: exploitable
Comment 7 Jay Elem 2014-07-03 09:43:29 UTC 
Created attachment 914432 [details]
File: limits
Comment 8 Jay Elem 2014-07-03 09:43:33 UTC 
Created attachment 914433 [details]
File: maps
Comment 9 Jay Elem 2014-07-03 09:43:38 UTC 
Created attachment 914434 [details]
File: open_fds
Comment 10 Jay Elem 2014-07-03 09:43:42 UTC 
Created attachment 914435 [details]
File: proc_pid_status
Comment 11 Jay Elem 2014-07-03 09:43:47 UTC 
Created attachment 914436 [details]
File: var_log_messages
Comment 12 Pavel Raiskup 2014-07-03 11:03:46 UTC 
Thanks for the report, Jay - reproducible.  Tar seems to go into unlucky
infinite recurse with -h (symlinks) when traversing directory structure under
/dev.  It is reproducible by:

  $ mkdir a
  $ ln -s ../a a/a
  $ tar -chf /dev/null a

Tar should defend against this somehow - older tars were failing (because
there were done major changes how tar handles opening files) with:

  Cannot stat: Too many levels of symbolic links

--

Jay, as a solution I would avoid using -h option for your backups (and maybe
I would also avoid backing up special filesystems) when possible.  I'll
discuss this issue with upstream.

Pavel
Comment 13 Pavel Raiskup 2014-07-09 13:13:17 UTC 
Proposed patch:
http://www.mail-archive.com/bug-tar@gnu.org/msg04542.html
Comment 14 Pavel Raiskup 2014-12-29 15:01:20 UTC 
*** Bug 1177363 has been marked as a duplicate of this bug. ***
Comment 15 Fedora End Of Life 2015-05-29 12:17:16 UTC 
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 16 Pavel Raiskup 2015-06-01 10:45:15 UTC 
Still not applied upstream, there happened yet another thread upstream not
mentioned here in this bug:
http://www.mail-archive.com/bug-tar@gnu.org/msg04764.html
Comment 17 Mike McCune 2016-03-28 23:21:47 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 18 Pavel Raiskup 2016-05-10 06:49:01 UTC 
Another upstream bug report:
http://www.mail-archive.com/bug-tar@gnu.org/msg04764.html
Comment 19 Pavel Raiskup 2016-11-24 06:37:11 UTC 
*** Bug 1398029 has been marked as a duplicate of this bug. ***
Comment 20 Ondrej Dubaj 2021-10-07 07:25:52 UTC 
According to the low priority of this request and as it did not bother any user for years, I am closing this tracker. If you think this issue should be handled and investigated, feel free to reopen it.