author | Stewart Smith <stewart@linux.vnet.ibm.com> | 2015-12-15 22:51:41 +1100 |
---|---|---|
committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2015-12-15 23:06:31 +1100 |
commit | fd98239a8beb83a3b3f61513860edb69123828d8 (patch) | |
tree | 6ea55b887338d97482139884e59d43136fa70a35 /ffs/src | |
parent | 31bf3f7f7ccaa8025a9db8c5a3ac9adc131faca9 (diff) | |
fpart/libffs doesn't initialize reserved FFS header to 0
When running the fpart test suite under valgrind, you can see that it
writes uninitialized data to disk (pnor) in the very first test:
./fpart/fpart --target /tmp/create.nor --size 64MiB --block 64kb \
--partition-offset 0x7f0000 --create
This is because libffs.c doesn't properly initialize the reserved area.
Thus, it could contain any old crap sitting around in memory,
essentially making the reserved fields useless.
Somebody will need to audit *EVERY* libffs created thing in the wild
before ever using that reserved space.
==8261== Syscall param write(buf) points to uninitialised byte(s)
==8261== at 0x4F27C20: __write_nocancel (syscall-template.S:84)
==8261== by 0x4EAE1DE: _IO_file_write@@GLIBC_2.2.5 (fileops.c:1263)
==8261== by 0x4EAF978: new_do_write (fileops.c:518)
==8261== by 0x4EAF978: _IO_do_write@@GLIBC_2.2.5 (fileops.c:494)
==8261== by 0x4EAD9DF: _IO_file_sync@@GLIBC_2.2.5 (fileops.c:874)
==8261== by 0x4EA2FEE: fflush (iofflush.c:41)
==8261== by 0x406D31: ffs_flush (libffs.c:635)
==8261== by 0x408304: __ffs_fclose (libffs.c:718)
==8261== by 0x4032D9: __cleanup_ffs (cmd_create.c:108)
==8261== by 0x4032D9: create.5128 (cmd_create.c:108)
==8261== by 0x4056D2: command (command.c:229)
==8261== by 0x403400: command_create (cmd_create.c:118)
==8261== by 0x4018F8: process_args (main.c:431)
==8261== by 0x4018F8: main (main.c:565)
==8261== Address 0x402201c is in a rw- anonymous segment
Fixes: https://github.com/open-power/ffs/issues/11
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'ffs/src')
-rw-r--r-- | ffs/src/libffs.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ffs/src/libffs.c b/ffs/src/libffs.c index 7518651..96ba32c 100644 --- a/ffs/src/libffs.c +++ b/ffs/src/libffs.c @@ -487,6 +487,10 @@ ffs_t *__ffs_fcreate(FILE *file, off_t offset, uint32_t block_size, self->hdr->block_size = block_size; self->hdr->block_count = block_count; self->hdr->checksum = 0; + self->hdr->resvd[0] = 0; + self->hdr->resvd[1] = 0; + self->hdr->resvd[2] = 0; + self->hdr->resvd[3] = 0; size_t size = self->count * self->hdr->entry_size; |
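Review bot: the four `self->hdr->resvd[N] = 0;` lines added in this hunk hard-code the length of the `resvd` array, so if the reserved area in the header struct is ever enlarged the new words would once again reach `write()` uninitialised, which is exactly the defect the commit message describes. A single `memset(self->hdr->resvd, 0, sizeof(self->hdr->resvd));` zeroes the whole array whatever its size. More robustly, since the valgrind report in the commit message is about uninitialised bytes in the header buffer reaching disk, zeroing the entire `*self->hdr` once where it is allocated (before `block_size`, `block_count` and `checksum` are assigned) would also cover any struct padding the compiler inserts between fields, which this hunk's per-field assignments do not touch and which valgrind would flag in the same way.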