Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
xfsprogs.970
0007-metadump-Fill-attribute-values-with-v-rath...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0007-metadump-Fill-attribute-values-with-v-rather-than-NU.patch of Package xfsprogs.970
From 1941482cd9ebcdb07481306e31d6ac722395c8e0 Mon Sep 17 00:00:00 2001 From: Eric Sandeen <sandeen@sandeen.net> Date: Thu, 30 Jul 2015 09:17:43 +1000 Subject: [PATCH 07/20] metadump: Fill attribute values with 'v' rather than NUL References: bsc#939367 CVE-2012-2150 Rather than memset attribute values to '\0', use the character 'v' - otherwise in some cases we get attributes with a non-zero value length which start with a NUL, and that makes some userspace tools unhappy, yielding results like this: security.oO^Lio.=0sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= Signed-off-by: Eric Sandeen <sandeen@redhat.com> Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Dave Chinner <david@fromorbit.com> Acked-by: Jan Kara <jack@suse.com> --- db/metadump.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/db/metadump.c b/db/metadump.c index ffd1fe1f7288..bea5de7c332d 100644 --- a/db/metadump.c +++ b/db/metadump.c @@ -1083,8 +1083,8 @@ obfuscate_sf_attr( xfs_dinode_t *dip) { /* - * with extended attributes, obfuscate the names and zero the actual - * values. + * with extended attributes, obfuscate the names and fill the actual + * values with 'v' (to see a valid string length, as opposed to NULLs) */ xfs_attr_shortform_t *asfp; @@ -1124,7 +1124,7 @@ obfuscate_sf_attr( } generate_obfuscated_name(0, asfep->namelen, &asfep->nameval[0]); - memset(&asfep->nameval[asfep->namelen], 0, asfep->valuelen); + memset(&asfep->nameval[asfep->namelen], 'v', asfep->valuelen); asfep = (xfs_attr_sf_entry_t *)((char *)asfep + XFS_ATTR_SF_ENTSIZE(asfep)); @@ -1299,7 +1299,7 @@ obfuscate_attr_block( /* Macros to handle both attr and attr3 */ memset(block + (bs - XFS_ATTR3_RMT_BUF_SPACE(mp, bs)), - 0, XFS_ATTR3_RMT_BUF_SPACE(mp, bs)); + 'v', XFS_ATTR3_RMT_BUF_SPACE(mp, bs)); } return; } @@ -1337,7 +1337,7 @@ obfuscate_attr_block( } generate_obfuscated_name(0, local->namelen, &local->nameval[0]); - memset(&local->nameval[local->namelen], 0, + memset(&local->nameval[local->namelen], 'v', be16_to_cpu(local->valuelen)); } else { remote = xfs_attr3_leaf_name_remote(leaf, i); -- 2.1.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
