e2fsprogs-1.28 could corrupt directories
Hi list! This could be slightly off-topic, but isn't data corruption security related? SuSE 8.1 was delivered with e2fsprogs-1.28, which has a "fencepost error" (???) which could cause directory corruption. Please read the following mail extracted from linux-kernel mailing list: ====================================================================== On Tue, Nov 26, 2002 at 10:55:10AM -0500, Clemmitt Sigler wrote:
The e2fsck run seemed to me to go normally. It reported that it optimized some directories, but this has happened on other auto-fscks of my ext3 filesystems without corruption under earlier kernels. (This is the first corruption I've seen in many, many years.) But I didn't capture the messages :^( and they don't get written into /var/log/messages (that I could find).
Ah, ha. I think I know what happened. What version of e2fsprogs were you using? If it was 1.28, that would explain what you saw. There was a fencepost error that could corrupt directories when it was optimizing/rehashing them. This bug was fixed in in the next version, which was rushed out the door as a result of this bug. Fortunately, 1.28 didn't get adopted by any distro's as far as I know, and not that many people downloaded and compiled e2fsprogs 1.28. If you're not using the latest version of e2fsprogs, which is e2fsprogs 1.32, I'd strongly suggest updating to it. Version 1.28 is just *so* three months ago. :-) - Ted P.S. If you do have a directory which is corrupted by e2fsck 1.28, no data is lost; it just created a directory entry which is too small, so it triggers the sanity checks in the kernel. Running e2fsck version 1.29 or later will unbork the directory. ====================================================================== -- Richard Ems ... e-mail: r.ems@gmx.net ... Computer Science, University of Hamburg Unix IS user friendly. It's just selective about who its friends are.
On Wed, 27 Nov 2002, Richard Ems wrote:
This could be slightly off-topic, but isn't data corruption security related? SuSE 8.1 was delivered with e2fsprogs-1.28, which has a "fencepost error" (???) which could cause directory corruption.
According to the maintainer of our e2fsprogs package, this referes to the htree (hash tree) stuff in e2fsprogs which is *not* enabled in SuSEs version of e2fsprogs. HTH best regards, Rainer Link (SuSE Labs) -- Rainer Link | SuSE Linux AG - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (www.amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
participants (2)
-
Rainer Link
-
Richard Ems