Package: ext4magic
Version: 0.3.2-12
Severity: normal

Dear Maintainers,

Action: Running ext4magic with -m and -a options on a specific unmounted partition.
Result: A segmentation fault in the ext4-magic-scan phase.
Expected result: Normal operation, and, if possible, file undeletion, without any crash.

Please find a backtrace and further information below.

Thank you,
Paul

---
(gdb) bt
#0  __strncpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:298
#1  0x00005555555726d9 in strncpy (__len=60, __src=<optimized out>, __dest=0x5555555b9ea0 "") at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106
#2  magic_check_block (buf=buf@entry=0x5555555c0560 "\377\376", cookie=cookie@entry=0x555555596710, cookie_f=cookie_f@entry=0x5555555b8b20, magic_buf=magic_buf@entry=0x5555555b9ea0 "", size=size@entry=4096, blk=<optimized out>, deep=0) at magic_block_scan.c:552
#3  0x0000555555575120 in magic_block_scan4 ( des_dir=0x7fffffffe4cd "RECOVERDIR", t_after=<optimized out>) at magic_block_scan.c:1706
#4  0x000055555555959e in main (argc=<optimized out>, argv=<optimized out>) at ext4magic.c:1112
---

Further Information I could find myself:

The crash is reproducible, but I did not test other ext3/ext4 partitions. It does not happen without the "-a" option, but still for all tested t_after much later than the last read-write mount and deletion.

- Line 552 of magic_block_scan.c reads:
  strncpy(magic_buf, magic_buffer(cookie , buf , size),60);
- The source of the strncpy, i.e. magic_buffer(cookie , buf , size), is a pointer to Null. Checked with a build with the "-O0" compilation switch.
- The manpage of libmagic states "magic_buffer(), magic_getpath(), and magic_file(), functions return a string on success and NULL on failure."
- Dumping the content of "buf" until "buf+size" to a file and running the file command on it outputs "Unicode text, UTF-32, little-endian". However "iconv -f UTF-32 -t UTF-8" fails for this file. The data starts with 0xFFFE0000, but does not look like text to me otherwise.
- The content of buf is the same for each crashing run.

-- System Information:
Debian Release: 10.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-13-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ext4magic depends on:
ii  libblkid1   2.33.1-0.1
ii  libbz2-1.0  1.0.6-9.2~deb10u1
ii  libc6       2.28-10
ii  libext2fs2  1.44.5-1+deb10u3
ii  libmagic1   1:5.35-4+deb10u1
ii  libuuid1    2.33.1-0.1
ii  zlib1g      1:1.2.11.dfsg-1

ext4magic recommends no packages.

ext4magic suggests no packages.
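
The NULL return described in the report, checked before the copy, as an added example (not part of the original report and not ext4magic's code). The names describe_block, classify_fn and the two stand-in classifiers are hypothetical; the stand-ins replace libmagic so the block runs on its own.

```c
#include <stdio.h>
#include <string.h>

/* Same shape as magic_buffer() minus the cookie: description or NULL. */
typedef const char *(*classify_fn)(const void *buf, size_t len);

/* Constructed stand-ins so the example runs without libmagic. */
static const char *classify_fail(const void *buf, size_t len)
{
    (void)buf; (void)len;
    return NULL;                  /* models the failure in the report */
}
static const char *classify_long(const void *buf, size_t len)
{
    (void)buf; (void)len;
    return "constructed description that is deliberately longer than the "
           "sixty bytes copied at line 552";
}

/* Hypothetical helper: 0 on success, -1 on failure; out is always
 * NUL-terminated when outlen > 0, so callers can print it either way. */
static int describe_block(classify_fn classify, const void *buf, size_t len,
                          char *out, size_t outlen)
{
    const char *desc;
    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    desc = (classify && buf) ? classify(buf, len) : NULL;
    if (desc == NULL)             /* NULL must never reach the copy */
        return -1;
    size_t n = strlen(desc);
    if (n > outlen - 1)
        n = outlen - 1;           /* truncate, leaving room for the NUL */
    memcpy(out, desc, n);
    out[n] = '\0';
    return 0;
}

int main(void)
{
    unsigned char block[4096] = { 0xFF, 0xFE, 0x00, 0x00 }; /* constructed */
    char desc[61];
    int rc = describe_block(classify_fail, block, sizeof block, desc, sizeof desc);
    printf("classifier failed:    rc=%d desc=\"%s\"\n", rc, desc);
    rc = describe_block(classify_long, block, sizeof block, desc, sizeof desc);
    printf("classifier succeeded: rc=%d desc=\"%s\"\n", rc, desc);
    return 0;
}
```

A caller can treat the -1 result as "type unknown" for that block and continue scanning.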