From 276bb60252b819db7f297cf429a749e25294dd0f Mon Sep 17 00:00:00 2001 From: Theodore Ts'o Date: Thu, 15 Jun 2023 00:46:51 -0400 Subject: [PATCH] debian: update changelog and debian/patches Update the changelog and debian/patches to reflect the cherry pick of "e2fsck: fix handling of a invalid symlink in an inline_data directory" Signed-off-by: Theodore Ts'o --- debian/changelog | 3 +- ...ing-of-a-invalid-symlink-in-an-inline-dir.patch | 39 ++++++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 debian/patches/e2fsck-fix-handling-of-a-invalid-symlink-in-an-inline-dir.patch diff --git a/debian/changelog b/debian/changelog index 38fbe9e..f550e96 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,8 +4,9 @@ e2fsprogs (1.47.0-3) unstable; urgency=medium Debian Bookworm is released * Suppress "Feature orphan_present is set but orphan file is clean" nessage when running in preen mode. + * Fix e2fsck's handling of an invalid symlink in an inline directory - -- Theodore Y. Ts'o Tue, 30 May 2023 16:16:28 -0400 + -- Theodore Y. Ts'o Thu, 15 Jun 2023 00:46:33 -0400 e2fsprogs (1.47.0-2) unstable; urgency=medium diff --git a/debian/patches/e2fsck-fix-handling-of-a-invalid-symlink-in-an-inline-dir.patch b/debian/patches/e2fsck-fix-handling-of-a-invalid-symlink-in-an-inline-dir.patch new file mode 100644 index 0000000..162e0fc --- /dev/null +++ b/debian/patches/e2fsck-fix-handling-of-a-invalid-symlink-in-an-inline-dir.patch 
@@ -0,0 +1,39 @@ +From: Theodore Ts'o +Description: e2fsck: fix handling of a invalid symlink in an inline_data directory + . + If there is an inline directory that contains a directory entry to an + invalid symlink, and that invalid symlink is the portion of the inline + directory stored in an xattr portion of the inode, this can result in + a buffer overrun. + . + When check_dir_block() is handling the in-xattr portion of the inline + directory, it sets the buf pointer to the beginning of that part of + the inline directory. This results in the scratch buffer passed to + e2fsck_process_bad_inode() to incorrect, resulting in a buffer overrun + if e2fsck_pass1_check_symlink() needs to read the symlink target (when + the symlink is too long to fit in the i_blocks[] space). + . + This commit fixes this by using the original cd->buf instead of buf, + since it can get modified when handling inline directories. + . +Origin: upstream,https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=next&id=8798bbb81687103b0c0f56a42b096884c6032101 +--- + e2fsck/pass2.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/e2fsck/pass2.c b/e2fsck/pass2.c +index 47f9206f..42f3e5ef 100644 +--- a/e2fsck/pass2.c ++++ b/e2fsck/pass2.c +@@ -1523,7 +1523,7 @@ skip_checksum: + dirent->inode)) { + if (e2fsck_process_bad_inode(ctx, ino, + dirent->inode, +- buf + fs->blocksize)) { ++ cd->buf + fs->blocksize)) { + dirent->inode = 0; + dir_modified++; + goto next; +-- +2.31.0 + diff --git a/debian/patches/series b/debian/patches/series index ac4f342..7bad351 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ suppress-orphan-file-is-clean-message-in-preen-mode.patch +e2fsck-fix-handling-of-a-invalid-symlink-in-an-inline-dir.patch -- 1.8.3.1
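Review bot: In the debian/changelog hunk, the added bullet "Fix e2fsck's handling of an invalid symlink in an inline directory" does not mention that the defect is a buffer overrun, although the Description in the new debian/patches file says so. Someone triaging from the changelog alone cannot tell that this is a memory-safety fix. Suggest wording along the lines of "Fix buffer overrun in e2fsck when an inline_data directory references an invalid symlink". The hunk also changes the trailer date of the existing 1.47.0-3 entry instead of opening a new version; that is only right if 1.47.0-3 has not been uploaded yet. The unchanged context line above the addition still reads "nessage" and could be corrected to "message" in the same edit.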
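Review bot: In the e2fsck/pass2.c hunk carried by the new debian/patches file, the corrected argument "cd->buf + fs->blocksize" has no comment at the call site saying why the local buf must not be used there. The fix changes a single token, and per the Description buf is repointed at the in-xattr portion of an inline directory, so a later cleanup could easily restore "buf + fs->blocksize". A short comment above the e2fsck_process_bad_inode() call, stating that the scratch area must be derived from cd->buf because buf can be modified when handling inline directories, would protect it. The embedded diffstat lists only e2fsck/pass2.c, so no regression test comes with the cherry-pick; a test image containing an inline_data directory whose xattr portion points at an over-long invalid symlink would exercise this path. In the Description, "to incorrect" should read "to be incorrect", if the text is allowed to diverge from the upstream commit message.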