Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
xfsprogs.970
0015-metadump-Zero-sparse-unused-regions-of-dir...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0015-metadump-Zero-sparse-unused-regions-of-dir2.patch of Package xfsprogs.970
From 6d34e8b30e696d9a7e9bcf6e32cddbcd3bfad15a Mon Sep 17 00:00:00 2001 From: Eric Sandeen <sandeen@sandeen.net> Date: Thu, 30 Jul 2015 09:21:05 +1000 Subject: [PATCH 15/20] metadump: Zero sparse/unused regions of dir2 References: bsc#939367 CVE-2012-2150 dir2 data has explicitly unused regions as well as padding between entries; zero this out to avoid copying stale data. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Dave Chinner <david@fromorbit.com> Acked-by: Jan Kara <jack@suse.com> --- db/metadump.c | 54 +++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/db/metadump.c b/db/metadump.c index 775deb5274fd..462623652b6f 100644 --- a/db/metadump.c +++ b/db/metadump.c @@ -1153,7 +1153,7 @@ process_sf_attr( } static void -obfuscate_dir_data_block( +process_dir_data_block( char *block, xfs_dfiloff_t offset, int is_block_format) @@ -1229,6 +1229,20 @@ obfuscate_dir_data_block( return; dir_offset += length; ptr += length; + /* + * Zero the unused space up to the tag - the tag is + * actually at a variable offset, so zeroing &dup->tag + * is zeroing the free space in between + */ + if (zero_stale_data) { + int zlen = length - + sizeof(xfs_dir2_data_unused_t); + + if (zlen > 0) { + memset(&dup->tag, 0, zlen); + iocur_top->need_crc = 1; + } + } if (dir_offset >= end_of_data || ptr >= endptr) return; } @@ -1247,10 +1261,23 @@ obfuscate_dir_data_block( if (be16_to_cpu(*xfs_dir3_data_entry_tag_p(mp, dep)) != dir_offset) return; - generate_obfuscated_name(be64_to_cpu(dep->inumber), + + if (obfuscate) + generate_obfuscated_name(be64_to_cpu(dep->inumber), dep->namelen, &dep->name[0]); dir_offset += length; ptr += length; + /* Zero the unused space after name, up to the tag */ + if (zero_stale_data) { + /* 1 byte for ftype; don't bother with conditional */ + int zlen = + (char *)xfs_dir3_data_entry_tag_p(mp, dep) - + (char *)&dep->name[dep->namelen] - 1; + if (zlen > 0) { + memset(&dep->name[dep->namelen] + 1, 0, zlen); + iocur_top->need_crc = 1; + } + } } } @@ -1403,7 +1430,7 @@ process_single_fsb_objects( } - if (!obfuscate) + if (!obfuscate && !zero_stale_data) goto write; dp = iocur_top->data; @@ -1412,17 +1439,21 @@ process_single_fsb_objects( if (o >= mp->m_dirleafblk) break; - obfuscate_dir_data_block(dp, o, + process_dir_data_block(dp, o, last == mp->m_dirblkfsbs); iocur_top->need_crc = 1; break; case TYP_SYMLINK: - obfuscate_symlink_block(dp); - iocur_top->need_crc = 1; + if (obfuscate) { + obfuscate_symlink_block(dp); + iocur_top->need_crc = 1; + } break; case TYP_ATTR: - obfuscate_attr_block(dp, o); - iocur_top->need_crc = 1; + if (obfuscate) { + obfuscate_attr_block(dp, o); + iocur_top->need_crc = 1; + } break; default: break; @@ -1495,13 +1526,14 @@ process_multi_fsb_objects( } - if (!obfuscate || o >= mp->m_dirleafblk) { + if ((!obfuscate && !zero_stale_data) || + o >= mp->m_dirleafblk) { ret = write_buf(iocur_top); goto out_pop; } - obfuscate_dir_data_block(iocur_top->data, o, - last == mp->m_dirblkfsbs); + process_dir_data_block(iocur_top->data, o, + last == mp->m_dirblkfsbs); iocur_top->need_crc = 1; ret = write_buf(iocur_top); out_pop: -- 2.1.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor