Description of problem:
When repairing a partition I get a buffer overflow. This is the output:
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
FATs differ but appear to be intact. Using first FAT.
*** buffer overflow detected ***: fsck.vfat terminated
======= Backtrace: =========
======= Memory map: ========
0052c000-0052d000 r-xp 00000000 00:00 0 [vdso]
00682000-006a0000 r-xp 00000000 08:02 6402 /lib/ld-2.12.1.so
006a0000-006a1000 r--p 0001d000 08:02 6402 /lib/ld-2.12.1.so
006a1000-006a2000 rw-p 0001e000 08:02 6402 /lib/ld-2.12.1.so
006a4000-00829000 r-xp 00000000 08:02 7448 /lib/libc-2.12.1.so
00829000-0082a000 ---p 00185000 08:02 7448 /lib/libc-2.12.1.so
0082a000-0082c000 r--p 00185000 08:02 7448 /lib/libc-2.12.1.so
0082c000-0082d000 rw-p 00187000 08:02 7448 /lib/libc-2.12.1.so
0082d000-00830000 rw-p 00000000 00:00 0
00d09000-00d26000 r-xp 00000000 08:02 8756 /lib/libgcc_s-4.4.5-20101113.so.1
00d26000-00d27000 rw-p 0001d000 08:02 8756 /lib/libgcc_s-4.4.5-20101113.so.1
08047000-08055000 r-xp 00000000 08:02 11191 /sbin/dosfsck
08055000-08056000 rw-p 0000d000 08:02 11191 /sbin/dosfsck
08056000-08058000 rw-p 00000000 00:00 0
08f94000-08fef000 rw-p 00000000 00:00 0 [heap]
b783f000-b78b6000 rw-p 00000000 00:00 0
b78d2000-b78d4000 rw-p 00000000 00:00 0
bffa0000-bffc1000 rw-p 00000000 00:00 0 [stack]
Abortado (`core' generado)
Version-Release number of selected component (if applicable):
Also submit the coredump. I'll copy my damaged partition (SD card) if you need I can upload it (it's about 2GB).
Created attachment 464893 [details]
Thanks for info. May be I got it from the core dump, please check the following experimental build and let me know if it fixes the problem:
I'm sorry. The SD card wasn't mine so I had to return it.
And I wanted to copy it to my HDD before formating it, but when tried to copy it using dd it just copied 15MB.
As far as I know the card was damaged (badblocks?) because after formatting it I wasn't able to copy it again. And some file transfers failed.
I guess maybe you don't check all the read/write syscalls when they return error? Maybe a -1 return value is treated as read/write byte count and therefore produces an buffer overflow? I'm pretty sure the underlying bug was in the SD card or in the reader driver (it's a crap).
I can't do anything more by now. Maybe I can get the card back again in some days to test it properly.
Thank you a lot!
No problem, thanks for info. From the backtrace it seems it overflows when reclaiming more than 9 files because the resulting filename is too long and does not fit into 8 chars filename buffer. The filesystem must be probably heavily damaged for this condition to occure. I am going to post the patch upstream and also I am going to push the fix through bodhi. Maybe there are more problems but this one is obvious.
Glad it helped to fix a bug! I don't really know if the filesystem was really damaged. I could mount it without a problem and list all the files and also I did backup them. There were some file that couldn't be copied because when I tried to copy them the filesystem was unmounted and mounted again. I don't know if it's mount's fault or gnome's, but it happened. As I said maybe the kernel was reading random data from damaged card blocks... No idea...
Thank you for your great job!
dosfstools-3.0.9-4.fc14 has been submitted as an update for Fedora 14.
dosfstools-3.0.9-3.fc13 has been submitted as an update for Fedora 13.
dosfstools-3.0.9-3.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update dosfstools'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/dosfstools-3.0.9-3.fc13
Patch was accepted upstream and will be probably part of dosfstool-3.0.12.
dosfstools-3.0.9-4.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
dosfstools-3.0.9-4.fc13 has been submitted as an update for Fedora 13.
dosfstools-3.0.9-5.fc13 has been submitted as an update for Fedora 13.
This message is a reminder that Fedora 13 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 13. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora
'version' of '13'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version prior to Fedora 13's end of life.
Bug Reporter: Thank you for reporting this issue and we are sorry that
we may not be able to fix it before Fedora 13 is end of life. If you
would still like to see this bug fixed and are able to reproduce it
against a later version of Fedora please change the 'version' of this
bug to the applicable version. If you are unable to change the version,
please add a comment here and someone will do it for you.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
The process we are following is described here:
Fedora 13 changed to end-of-life (EOL) status on 2011-06-25. Fedora 13 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version.
Thank you for reporting this bug and we are sorry it could not be fixed.