Your message dated Mon, 02 Feb 2009 20:32:27 +0000 with message-id <[email protected]> and subject line Bug#511995: fixed in unionfs-fuse 0.21-3 has caused the Debian Bug report #511995, regarding unionfs-fuse: too short memory allocation when determining absolute path to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 511995: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511995 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: unionfs-fuse Version: 0.21-2 Severity: important Tags: patch Hi again, It took me a little while to track it down, but here it is: When using relative paths unionfs-fuse wasn't allocation enough memory thus the resulting absolute path was not always correct. Diff of strace (- current code, + patched code): -open("/home/ttttttt/ffffff/imagess/\31", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) +open("/home/ttttttt/ffffff/images/", O_RDONLY|O_LARGEFILE) = 4 And as you can guess all the remaining lstat and other system calls fail because the path doesn't exist. Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net--- unionfs-fuse-0.21.orig/src/opts.c +++ unionfs-fuse-0.21/src/opts.c @@ -52,7 +52,7 @@ // 2 due to: +1 for '/' between cwd and relpath // +1 for terminating '\0' - int abslen = cwdlen + strlen(relpath) + 2; + int abslen = cwdlen + strlen(relpath) + 3; if (abslen > PATHLEN_MAX) { fprintf(stderr, "Absolute path too long!\n"); return NULL;
--- End Message ---
--- Begin Message ---Source: unionfs-fuse Source-Version: 0.21-3 We believe that the bug you reported is fixed in the latest version of unionfs-fuse, which is due to be installed in the Debian FTP archive: unionfs-fuse_0.21-3.diff.gz to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3.diff.gz unionfs-fuse_0.21-3.dsc to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3.dsc unionfs-fuse_0.21-3_amd64.deb to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bernd Schubert <[email protected]> (supplier of updated unionfs-fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 24 Jan 2009 00:10:44 +0100 Source: unionfs-fuse Binary: unionfs-fuse Architecture: source amd64 Version: 0.21-3 Distribution: unstable Urgency: high Maintainer: Bernd Schubert <[email protected]> Changed-By: Bernd Schubert <[email protected]> Description: unionfs-fuse - Fuse implementation of unionfs Closes: 511158 511995 Changes: unionfs-fuse (0.21-3) unstable; urgency=high . * fixes critical buffer overflow on using relativ pathes * slightly improve the man page to tell people without -ocow not everything might work as expected * change binary path from /usr/sbin to /usr/bin * (closes: #511995) * (closes: #511158) Checksums-Sha1: 59e76d074c57771ab8685038b2b5294dae3b3ce4 1017 unionfs-fuse_0.21-3.dsc db94f993a4fd5c7433a226ca06b9ea4bb79794b0 5955 unionfs-fuse_0.21-3.diff.gz 09ee6735f2fd64b8f4154c0c134fea4860403f63 25104 unionfs-fuse_0.21-3_amd64.deb Checksums-Sha256: a5213ea738fcaf9a2afdfb61955374b174e22569ace57772c95c97edca922890 1017 unionfs-fuse_0.21-3.dsc a29f132b956a59fc66b160390e363661b8a90aa721268b30c75a5c44a82a4052 5955 unionfs-fuse_0.21-3.diff.gz 6ee43218b63a4bc8c8ab55f84052400330942d714057a224f0842f8dd8bc7d29 25104 unionfs-fuse_0.21-3_amd64.deb Files: efafe1707da1a12982d54ce894788dc1 1017 misc optional unionfs-fuse_0.21-3.dsc 66b4b644abcbcddf467341a9226f4ff9 5955 misc optional unionfs-fuse_0.21-3.diff.gz 2fef47f1aad19b4808b7860cedb78c05 25104 misc optional unionfs-fuse_0.21-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkmHVTYACgkQx/UhwSKygsp7owCfVpqdsGfqawVoVbxsiRZWHJqg ycYAoIltarFhgDal+0t9jOB6v6nWj+Ta =zXu4 -----END PGP SIGNATURE-----
--- End Message ---
