authorStewart Smith <>2015-12-15 22:51:41 +1100
committerStewart Smith <>2015-12-15 23:06:31 +1100
commitfd98239a8beb83a3b3f61513860edb69123828d8 (patch)
parent31bf3f7f7ccaa8025a9db8c5a3ac9adc131faca9 (diff)
fpart/libffs doesn't initialized reserved FFS header to 0
When running the fpart test suite under valgrind, you can see that it writes uninitialized data to disk (pnor) in the very first test: ./fpart/fpart --target /tmp/create.nor --size 64MiB --block 64kb \ --partition-offset 0x7f0000 --create This is because libffs.c doesn't properly initialize the reserved area. Thus, it could contain any old crap sitting around in memory, essentially making the reserved fields useless. Somebody will need to audit *EVERY* libffs created thing in the wild before ever using that reserved space. ==8261== Syscall param write(buf) points to uninitialised byte(s) ==8261== at 0x4F27C20: __write_nocancel (syscall-template.S:84) ==8261== by 0x4EAE1DE: _IO_file_write@@GLIBC_2.2.5 (fileops.c:1263) ==8261== by 0x4EAF978: new_do_write (fileops.c:518) ==8261== by 0x4EAF978: _IO_do_write@@GLIBC_2.2.5 (fileops.c:494) ==8261== by 0x4EAD9DF: _IO_file_sync@@GLIBC_2.2.5 (fileops.c:874) ==8261== by 0x4EA2FEE: fflush (iofflush.c:41) ==8261== by 0x406D31: ffs_flush (libffs.c:635) ==8261== by 0x408304: __ffs_fclose (libffs.c:718) ==8261== by 0x4032D9: __cleanup_ffs (cmd_create.c:108) ==8261== by 0x4032D9: create.5128 (cmd_create.c:108) ==8261== by 0x4056D2: command (command.c:229) ==8261== by 0x403400: command_create (cmd_create.c:118) ==8261== by 0x4018F8: process_args (main.c:431) ==8261== by 0x4018F8: main (main.c:565) ==8261== Address 0x402201c is in a rw- anonymous segment Fixes: Signed-off-by: Stewart Smith <>
1 files changed, 4 insertions, 0 deletions
diff --git a/ffs/src/libffs.c b/ffs/src/libffs.c
index 7518651..96ba32c 100644
--- a/ffs/src/libffs.c
+++ b/ffs/src/libffs.c
@@ -487,6 +487,10 @@ ffs_t *__ffs_fcreate(FILE *file, off_t offset, uint32_t block_size,
self->hdr->block_size = block_size;
self->hdr->block_count = block_count;
self->hdr->checksum = 0;
+ self->hdr->resvd[0] = 0;
+ self->hdr->resvd[1] = 0;
+ self->hdr->resvd[2] = 0;
+ self->hdr->resvd[3] = 0;
size_t size = self->count * self->hdr->entry_size;
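Review bot: The four added `resvd[n] = 0` assignments clear only the bytes those four indices cover, so the header still depends on every other field and any padding being set by hand somewhere in `__ffs_fcreate`, whose body starts and ends outside this hunk. Assuming `resvd` is an array member of the header struct, `memset(self->hdr->resvd, 0, sizeof(self->hdr->resvd));` would track the array's declared size instead of hard-coding it. Zero-filling the whole header allocation before the fields are populated would be more robust still, and the same question applies to the entry area sized on the following line (`self->count * self->hdr->entry_size`), whose initialisation is not visible here. Since this buffer is flushed to the flash image, any byte left unset puts stale process memory into a persistent artefact and makes the image non-reproducible, so a comment above the header setup stating that it must be fully initialised before `ffs_flush` would help later editors.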