Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package gfs2-utils for openSUSE:Factory 
checked in at 2023-08-21 11:45:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gfs2-utils (Old)
 and      /work/SRC/openSUSE:Factory/.gfs2-utils.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "gfs2-utils"

Mon Aug 21 11:45:58 2023 rev:7 rq:1104965 version:3.5.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/gfs2-utils/gfs2-utils.changes    2023-08-10 
15:33:40.744080925 +0200
+++ /work/SRC/openSUSE:Factory/.gfs2-utils.new.1766/gfs2-utils.changes  
2023-08-21 11:46:14.307764354 +0200
@@ -1,0 +2,17 @@
+Mon Aug 21 01:22:00 UTC 2023 - Heming Zhao <heming.z...@suse.com>
+
+- Update to version 3.5.1:
+  * Don't use char arrays as temporary buffers
+  * libgfs2: Separate gfs and gfs2 code in lgfs2_sb_out()
+  * Re-enable -Wstrict-aliasing
+  * gfs2_convert: Clean up strict-aliasing warnings
+  * libgfs2: Fix strict-aliasing warning in lgfs2_rgrp_bitbuf_alloc
+  * gfs2_jadd: Fix format string warnings on 32-bit
+  * gfs2_edit: Fix savemeta test failures in 32-bit environments
+
+- Back port bugfix patch after tag 3.5.1
+  + 0001-fsck.gfs2-Tighten-offset-check-in-check_eattr_entrie.patch
+  + 0002-fsck.gfs2-Fix-max-xattr-record-length-check.patch
+  + 0003-fsck.gfs2-Fix-xattr-offset-checks-in-p1_check_eattr_.patch
+
+-------------------------------------------------------------------

Old:
----
  gfs2-utils-3.5.0.tar.xz

New:
----
  0001-fsck.gfs2-Tighten-offset-check-in-check_eattr_entrie.patch
  0002-fsck.gfs2-Fix-max-xattr-record-length-check.patch
  0003-fsck.gfs2-Fix-xattr-offset-checks-in-p1_check_eattr_.patch
  gfs2-utils-3.5.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gfs2-utils.spec ++++++
--- /var/tmp/diff_new_pack.8B3yIg/_old  2023-08-21 11:46:15.267766193 +0200
+++ /var/tmp/diff_new_pack.8B3yIg/_new  2023-08-21 11:46:15.275766208 +0200
@@ -17,19 +17,13 @@
 
 
 Name:           gfs2-utils
-Version:        3.5.0
+Version:        3.5.1
 Release:        0
 Summary:        Utilities for managing the global file system (GFS2)
 License:        GPL-2.0-or-later AND LGPL-2.0-or-later
 Group:          System/Filesystems
 URL:            https://pagure.io/gfs2-utils
-# The source for this package was pulled from the upstream git tree.
-# Use the following commands to generate the tarball:
-# git clone git://git.fedorahosted.org/gfs2-utils.git
-# cd gfs2-utils
-# ./make-tarball.sh
-#
-Source:         https://releases.pagure.org/%{name}/%{name}-%{version}.tar.xz
+Source:         
https://pagure.io/gfs2-utils/archive/%{version}/%{name}-%{version}.tar.gz
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  bison
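Review bot: The new `Source:` URL points at the forge's `archive/%{version}` endpoint, and the hunk removes the only comment that said how the tarball was produced, so the spec no longer records where the checked-in `gfs2-utils-3.5.1.tar.gz` came from or how to verify it. Archives generated on demand by a forge are not guaranteed to stay byte-identical, which makes a later comparison against the URL unreliable. A short comment above the line would cover it, e.g. `# Tarball is the pagure.io archive of tag %{version}; verify against the upstream git tag when updating`.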
@@ -47,6 +41,11 @@
 BuildRequires:  ncurses-devel
 BuildRequires:  zlib-devel
 
+# Upstream patches
+Patch1:         0001-fsck.gfs2-Tighten-offset-check-in-check_eattr_entrie.patch
+Patch2:         0002-fsck.gfs2-Fix-max-xattr-record-length-check.patch
+Patch3:         0003-fsck.gfs2-Fix-xattr-offset-checks-in-p1_check_eattr_.patch
+
 %description
 The gfs2-utils package contains a number of utilities for creating,
 checking, modifying, and correcting any inconsistencies in GFS2
@@ -55,6 +54,10 @@
 %prep
 %setup -q
 
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+
 %build
 #NOCONFIGURE=1
 ./autogen.sh
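Review bot: The numbered form `%patch1 -p1` is deprecated in newer rpm releases in favour of `%patch -P 1 -p1`. Since all three patches use the same strip level, `%autosetup -p1` in place of `%setup -q` and the three `%patch` lines would apply them in order and keep the patch list in one place.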

++++++ 0001-fsck.gfs2-Tighten-offset-check-in-check_eattr_entrie.patch ++++++
>From caab270a739d619cfa3b8d4c57789cb6b1ef94e8 Mon Sep 17 00:00:00 2001
From: Andrew Price <anpr...@redhat.com>
Date: Thu, 11 May 2023 17:04:34 +0100
Subject: [PATCH] fsck.gfs2: Tighten offset check in check_eattr_entries()

The "offset >= bsize" check is insufficient as it doesn't detect invalid
ea_header offsets less than one ea_header from the end of the block.
This fixes an unlikely fsck.gfs2 buffer over-read that can occur.

For the bug to occur:
1. The last valid xattr header must not have GFS2_EAFLAG_LAST set
2. Its ea_rec_len must result in an offset of the next xattr within 15
   bytes of the end of the block

A segfault can then occur if this region contains non-zero data that
results in the loop continuing with another bad offset and another bad
read, and so on.

Signed-off-by: Andrew Price <anpr...@redhat.com>
---
 gfs2/fsck/metawalk.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gfs2/fsck/metawalk.c b/gfs2/fsck/metawalk.c
index 66316e4d864c..819a7e670f73 100644
--- a/gfs2/fsck/metawalk.c
+++ b/gfs2/fsck/metawalk.c
@@ -846,6 +846,7 @@ static int check_eattr_entries(struct fsck_cx *cx, struct 
lgfs2_inode *ip,
        int i;
        int error = 0, err;
        uint32_t offset = (uint32_t)sizeof(struct gfs2_meta_header);
+       uint32_t offset_limit = ip->i_sbd->sd_bsize - sizeof(struct 
gfs2_ea_header);
 
        if (!pass->check_eattr_entry)
                return 0;
@@ -894,7 +895,7 @@ static int check_eattr_entries(struct fsck_cx *cx, struct 
lgfs2_inode *ip,
                }
                offset += be32_to_cpu(ea_hdr->ea_rec_len);
                if (ea_hdr->ea_flags & GFS2_EAFLAG_LAST ||
-                  offset >= ip->i_sbd->sd_bsize || ea_hdr->ea_rec_len == 0){
+                   offset > offset_limit || ea_hdr->ea_rec_len == 0) {
                        break;
                }
                ea_hdr_prev = ea_hdr;
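Review bot: `offset += be32_to_cpu(ea_hdr->ea_rec_len)` is a uint32_t addition, so an on-disk ea_rec_len close to 2^32 wraps the sum to a small value that passes the new `offset > offset_limit` test. Unless a check outside this hunk already bounds ea_rec_len, compare the length with the space left in the block before adding, e.g. `if (be32_to_cpu(ea_hdr->ea_rec_len) > ip->i_sbd->sd_bsize - offset) break;`. The same wrap applies to `offset + rec_len` in the second p1_check_eattr_entries() hunk of patch 0003. The loop starts and ends outside this hunk, so how ea_hdr is advanced and whether `break` is the right reaction are not visible here.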
-- 
2.35.3


++++++ 0002-fsck.gfs2-Fix-max-xattr-record-length-check.patch ++++++
>From f50a6c8aa6175c5763fb076da0efd07f36adb698 Mon Sep 17 00:00:00 2001
From: Andrew Price <anpr...@redhat.com>
Date: Thu, 11 May 2023 18:28:04 +0100
Subject: [PATCH] fsck.gfs2: Fix max xattr record length check

xattr blocks have a meta header so the max size to check ea_rec_len
against is one meta header less than the block size. Fixes detection of
bad ea_rec_len values that result in offsets up to 24 bytes past the end
of the block.

Signed-off-by: Andrew Price <anpr...@redhat.com>
---
 gfs2/fsck/pass1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gfs2/fsck/pass1.c b/gfs2/fsck/pass1.c
index 206929fcdbd5..ebd66e2c9bc5 100644
--- a/gfs2/fsck/pass1.c
+++ b/gfs2/fsck/pass1.c
@@ -881,7 +881,7 @@ static int p1_check_eattr_entries(struct fsck_cx *cx, 
struct lgfs2_inode *ip,
        char ea_name[256];
        uint32_t offset = (uint32_t)(((unsigned long)ea_hdr) -
                                     ((unsigned long)leaf_bh->b_data));
-       uint32_t max_size = sdp->sd_bsize;
+       uint32_t max_size = sdp->sd_bsize - sizeof(struct gfs2_meta_header);
        uint32_t avail_size;
        int max_ptrs;
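Review bot: `offset` is measured from `leaf_bh->b_data`, so it already includes the meta header, and subtracting `sizeof(struct gfs2_meta_header)` from `max_size` makes a record that ends exactly at the block end look too long. The checks that use max_size are outside this hunk; judging from the lines patch 0003 removes, both the "too long" test and the "last EA" equality test compared `offset + ea_rec_len` against it. The package applies 0003 on top, which replaces max_size, so this patch should not be carried or backported on its own. A spec comment such as `# 0002 is only correct together with 0003` would record that.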
 
-- 
2.35.3


++++++ 0003-fsck.gfs2-Fix-xattr-offset-checks-in-p1_check_eattr_.patch ++++++
>From d85e19e45f1df1cc4a933c84b8e7ff25df1959d4 Mon Sep 17 00:00:00 2001
From: Andrew Price <anpr...@redhat.com>
Date: Mon, 22 May 2023 11:24:26 +0100
Subject: [PATCH] fsck.gfs2: Fix xattr offset checks in p1_check_eattr_entries

Valid ea_header offsets fall within the block, at the block boundary,
but not in the final 15 bytes of the block as that would result in a
partial ea_header. Make sure these cases are all taken into account in
the ea_rec_len checks in p1_check_eattr_entries(). Also improve logging
of erroneous values.

Signed-off-by: Andrew Price <anpr...@redhat.com>
---
 gfs2/fsck/pass1.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/gfs2/fsck/pass1.c b/gfs2/fsck/pass1.c
index ebd66e2c9bc5..df2d8c4e59e9 100644
--- a/gfs2/fsck/pass1.c
+++ b/gfs2/fsck/pass1.c
@@ -879,9 +879,10 @@ static int p1_check_eattr_entries(struct fsck_cx *cx, 
struct lgfs2_inode *ip,
 {
        struct lgfs2_sbd *sdp = ip->i_sbd;
        char ea_name[256];
+       uint32_t offset_limit = sdp->sd_bsize - sizeof(struct gfs2_ea_header);
        uint32_t offset = (uint32_t)(((unsigned long)ea_hdr) -
                                     ((unsigned long)leaf_bh->b_data));
-       uint32_t max_size = sdp->sd_bsize - sizeof(struct gfs2_meta_header);
+       uint32_t rec_len = be32_to_cpu(ea_hdr->ea_rec_len);
        uint32_t avail_size;
        int max_ptrs;
 
@@ -890,12 +891,14 @@ static int p1_check_eattr_entries(struct fsck_cx *cx, 
struct lgfs2_inode *ip,
                return ask_remove_eattr_entry(cx, leaf_bh, ea_hdr,
                                              ea_hdr_prev, 1, 1);
        }
-       if (offset + be32_to_cpu(ea_hdr->ea_rec_len) > max_size){
-               log_err( _("EA rec length too long\n"));
+       if (offset + rec_len > offset_limit &&
+           offset + rec_len != sdp->sd_bsize) {
+               log_err( _("EA record length too long (%"PRIu32"+%"PRIu32")\n"),
+                       offset, rec_len);
                return ask_remove_eattr_entry(cx, leaf_bh, ea_hdr,
                                              ea_hdr_prev, 1, 1);
        }
-       if (offset + be32_to_cpu(ea_hdr->ea_rec_len) == max_size &&
+       if (offset + rec_len == sdp->sd_bsize &&
           (ea_hdr->ea_flags & GFS2_EAFLAG_LAST) == 0){
                log_err( _("last EA has no last entry flag\n"));
                return ask_remove_eattr_entry(cx, leaf_bh, ea_hdr,
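Review bot: The condition `offset + rec_len > offset_limit && offset + rec_len != sdp->sd_bsize` encodes a rule that is only spelled out in the commit message, so the code needs a comment above it, e.g. `/* The next header must fit whole in the block, unless this record ends exactly at the block boundary */`. The sum is also written three times across the two tests; a local such as `uint32_t next = offset + rec_len;` would make them easier to compare. The function continues past the end of the hunk, which stops in the middle of the last `return` statement.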
-- 
2.35.3
