Bug 674095

Summary: [abrt] dosfstools-3.0.9-4.fc14: _IO_str_chk_overflow: Process /sbin/dosfsck was killed by signal 6 (SIGABRT)
Product: [Fedora] Fedora Reporter: Mads Kiilerich <mads>
Component: dosfstoolsAssignee: Jaroslav Škarvada <jskarvad>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 14CC: bnater, jskarvad
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Unspecified   
Whiteboard: abrt_hash:36d6572a6d9f88437a85ce7fefa9968eedd36a4d
Fixed In Version: dosfstools-3.0.9-5.fc14 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 677789 684181 (view as bug list) Environment:
Last Closed: 2011-03-08 20:24:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 684181    
Attachments:
Description Flags
File: backtrace
none
Fix alloc_rootdir_entry buffer overflow
none
Fix alloc_rootdir_entry buffer overflow
none
Reproducer none

Description Mads Kiilerich 2011-01-31 16:13:46 UTC 
abrt version: 1.1.14
architecture: i686
Attached file: backtrace
cmdline: fsck.vfat -y /dev/sdb1
component: dosfstools
crash_function: _IO_str_chk_overflow
executable: /sbin/dosfsck
kernel: 2.6.35.10-74.fc14.i686.PAE
package: dosfstools-3.0.9-4.fc14
rating: 4
reason: Process /sbin/dosfsck was killed by signal 6 (SIGABRT)
release: Fedora release 14 (Laughlin)
time: 1296489853
uid: 0

How to reproduce
-----
1. tried to fsck a broken usb flash device
2.
3.
Comment 1 Mads Kiilerich 2011-01-31 16:13:48 UTC 
Created attachment 476222 [details]
File: backtrace
Comment 2 Jaroslav Škarvada 2011-01-31 16:47:37 UTC 
Thanks, got it from the backtrace.
Comment 3 Jaroslav Škarvada 2011-01-31 16:50:06 UTC 
Created attachment 476231 [details]
Fix alloc_rootdir_entry buffer overflow
Comment 4 Jaroslav Škarvada 2011-01-31 16:51:47 UTC 
Please try the following experimental build on your broken USB flash drive and report the results:
http://koji.fedoraproject.org/koji/taskinfo?taskID=2753262
Comment 5 Mads Kiilerich 2011-01-31 17:33:02 UTC 
Thanks, seems to work fine.

(But I wonder why it also found'n'fixed errors the second time I ran it. I would expect it to warn me the first time if that was likely to be necessary. Or is it common knowledge that fsck must be rerun until no failures are found?)

[root@dev-mk ~]# rpm -q dosfstools
dosfstools-3.0.9-5.fc14.i686
[root@dev-mk ~]# fsck -y /dev/sdb1 
fsck from util-linux-ng 2.18
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
Reclaimed 7 unused clusters (114688 bytes) in 4 chains.
Performing changes.
/dev/sdb1: 739 files, 23270/62952 clusters
[root@dev-mk ~]# fsck -y /dev/sdb1 
fsck from util-linux-ng 2.18
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
/FSCK0000.\000\000\000
  Bad file name.
  Auto-renaming it.
  Renamed to FSCK0000.000
/FSCK0001.\000\000\000
  Bad file name.
  Auto-renaming it.
  Renamed to FSCK0000.001
/FSCK0002.\000\000\000
  Bad file name.
  Auto-renaming it.
  Renamed to FSCK0000.002
/FSCK0003.\000\000\000
  Bad file name.
  Auto-renaming it.
  Renamed to FSCK0000.003
Performing changes.
/dev/sdb1: 739 files, 23270/62952 clusters
[root@dev-mk ~]# fsck -y /dev/sdb1 
fsck from util-linux-ng 2.18
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
/dev/sdb1: 739 files, 23270/62952 clusters
[root@dev-mk ~]#
Comment 6 Jaroslav Škarvada 2011-02-01 08:28:37 UTC 
Thanks, got it. It is another problem ;) I will push patches for both issues into update testing and I will also post it upstream. Watch this bugzilla for progress.
Comment 7 Jaroslav Škarvada 2011-02-01 11:47:27 UTC 
Created attachment 476370 [details]
Fix alloc_rootdir_entry buffer overflow

Updated patch addressing the issue from comment 5. Before applying, the dosfstools-3.0.9-fix-reclaim-file.patch must be also dropped.
Comment 8 Jaroslav Škarvada 2011-02-01 11:56:23 UTC 
Updated scratch build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=2754353

Patch sent upstream. Waiting for comments.
Comment 9 Jaroslav Škarvada 2011-02-14 16:23:35 UTC 
Created attachment 478664 [details]
Reproducer

Should return 0 on PASS, 1 on FAIL.
Comment 10 Fedora Update System 2011-02-14 16:27:35 UTC 
dosfstools-3.0.9-5.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc14
Comment 11 Fedora Update System 2011-02-14 17:14:39 UTC 
dosfstools-3.0.9-4.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13
Comment 12 Fedora Update System 2011-02-14 17:28:01 UTC 
dosfstools-3.0.11-3.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/dosfstools-3.0.11-3.fc15
Comment 13 Fedora Update System 2011-02-14 20:27:40 UTC 
dosfstools-3.0.9-5.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update dosfstools'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc14
Comment 14 Fedora Update System 2011-03-08 20:24:37 UTC 
dosfstools-3.0.9-5.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2011-03-10 03:05:54 UTC 
dosfstools-3.0.11-3.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 16 Fedora Update System 2011-04-05 12:09:44 UTC 
dosfstools-3.0.9-5.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13