Package: ext4magic
Version: 0.3.2-12
Severity: normal

Dear Maintainers,

Action: Running ext4magic with -m and -a options on a specific unmounted
Result: A segmentation fault in the ext4-magic-scan phase.
Expected result: Normal operation, and, if possible, file undeletion, without
any crash.

Please find a backtrace and further information below.

Thank you,

--- (gdb) bt
#0  __strncpy_sse2_unaligned ()
    at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:298
#1  0x00005555555726d9 in strncpy (__len=60, __src=<optimized out>,
    __dest=0x5555555b9ea0 "")
    at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106
#2  magic_check_block (buf=buf@entry=0x5555555c0560 "\377\376",
    magic_buf=magic_buf@entry=0x5555555b9ea0 "", size=size@entry=4096,
    blk=<optimized out>, deep=0) at magic_block_scan.c:552
#3  0x0000555555575120 in magic_block_scan4 (
    des_dir=0x7fffffffe4cd "RECOVERDIR", t_after=<optimized out>)
    at magic_block_scan.c:1706
#4  0x000055555555959e in main (argc=<optimized out>, argv=<optimized out>)
    at ext4magic.c:1112

--- Further Information I could find myself:

The crash is reproducible, but I did not test other ext3/ext4 partitions.

It does not happen without the "-a" options, but still for all tested t_after
much later then the last read-write mount and deletion.

- Line 552 of magic_block_scan.c reads:   strncpy(magic_buf,
, buf , size),60);
- The source of the strncpy, i.e. magic_buffer(cookie , buf , size), is a
to Null. Checked with a build with the "-O0" compilation switch.
- The manpage of libmagic states "magic_buffer(), magic_getpath(), and
magic_file(), functions return a string on success and NULL on failure."
- Dumping the content of "buf" until "buf+size" to a file and running the file
command on it outputs "Unicode text, UTF-32, little-endian". However "iconv -f
UTF-32 -t UTF-8" fails for this file. The data starts with 0xFFFE0000, but does
not look like text to me otherwise.
- The content of buf is the same for each crashing run.

-- System Information:
Debian Release: 10.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-13-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ext4magic depends on:
ii  libblkid1   2.33.1-0.1
ii  libbz2-1.0  1.0.6-9.2~deb10u1
ii  libc6       2.28-10
ii  libext2fs2  1.44.5-1+deb10u3
ii  libmagic1   1:5.35-4+deb10u1
ii  libuuid1    2.33.1-0.1
ii  zlib1g      1:1.2.11.dfsg-1

ext4magic recommends no packages.

ext4magic suggests no packages.

Reply via email to