Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
xfsprogs.970
0005-xfs_metadump-obfuscate-remote-symlinks-on-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0005-xfs_metadump-obfuscate-remote-symlinks-on-CRC-filesy.patch of Package xfsprogs.970
From 80917c1a0df4f940ac996ecdb142809860dd04c9 Mon Sep 17 00:00:00 2001 From: Eric Sandeen <sandeen@redhat.com> Date: Thu, 30 Jul 2015 09:17:43 +1000 Subject: [PATCH 05/20] xfs_metadump: obfuscate remote symlinks on CRC filesystems References: bsc#939367 CVE-2012-2150 On CRC filesystems, the symlink block starts with a header, which contains magic, "XLSM" The code happens to "work" today w/o corrupting anything, because it seems "XSLM" as a string, decides it's too short to obfuscate, and leaves it alone. But the real symlink target is untouched. Fix that by moving the pointer to the string we want to obfuscate by the size of the header, and shorten the length to obfuscate accordingly. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Dave Chinner <david@fromorbit.com> Acked-by: Jan Kara <jack@suse.com> --- db/metadump.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/db/metadump.c b/db/metadump.c index b5e7a231fe39..773d18c56cea 100644 --- a/db/metadump.c +++ b/db/metadump.c @@ -1240,8 +1240,12 @@ static void obfuscate_symlink_block( char *block) { - /* XXX: need to handle CRC headers */ - obfuscate_path_components(block, mp->m_sb.sb_blocksize); + if (xfs_sb_version_hascrc(&(mp)->m_sb)) + block += sizeof(struct xfs_dsymlink_hdr); + + obfuscate_path_components(block, + XFS_SYMLINK_BUF_SPACE(mp, + mp->m_sb.sb_blocksize)); } #define MAX_REMOTE_VALS 4095 -- 2.1.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor