Created attachment 1108672
Bad image with big meta_bg descriptor size

Package affected: e2fsprogs-1.42.9-7

Resize failed on some images, which results in a corrupted fs.

Testcase (uncompress badimage.qcow2.xz attached):

    # resize2fs -p /dev/loop1 10481664k
    /sbin/resize2fs: Attempt to write block to filesystem resulted in short write while trying to resize /dev/loop1
    Please run 'e2fsck -fy /dev/loop1' to fix the filesystem
    after the aborted resize operation.
This is a known issue which was fixed by these commits:

    From f66e6ce4446738c2c7f43d41988a3eb73347e2f5 Mon Sep 17 00:00:00 2001
    From: Theodore Ts'o <tytso>
    Date: Sat, 9 Aug 2014 12:24:54 -0400
    Subject: [PATCH] libext2fs: avoid buffer overflow if s_first_meta_bg is too big

    From 49d0fe2a14f2a23da2fe299643379b8c1d37df73 Mon Sep 17 00:00:00 2001
    From: Theodore Ts'o <tytso>
    Date: Fri, 6 Feb 2015 12:46:39 -0500
    Subject: [PATCH] libext2fs: fix potential buffer overflow in closefs()

HUGE NOTE: The first patch introduces a buffer overflow known as CVE-2015-1572 (https://bugzilla.redhat.com/show_bug.cgi?id=1193945), but the second patch fixes it. So both patches are necessary.
Hi Monakhov,

I fail to reproduce by using the attached image, could you please describe steps to reproduce?

log:

    user@host:[~/i]: md5sum bad.img.qcow2
    16a727602f5557fe3a0e869fff0f4ba0 bad.img.qcow2
    user@host:[~/i]: qemu-img info bad.img.qcow2
    image: bad.img.qcow2
    file format: qcow2
    virtual size: 10T (11440717037568 bytes)
    disk size: 2.1M
    cluster_size: 4096
    Format specific information:
        compat: 0.10
    user@host:[~/i]: qemu-img convert -O raw bad.img.qcow2 bad.img.raw
    user@host:[~/i]: du -sh bad.img.raw
    0 bad.img.raw
The bug is hard to reproduce, thus verify it by SanityOnly against e2fsprogs-1.42.9-9.el7. Regression test has been performed. Link to beaker jobs: https://url.corp.redhat.com/RHBA-2016-23887
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2454.html