Re: [Jfs-discussion] JFS filesystem corruption and jfs_fsck

Fri, 03 Apr 2009 05:45:51 -0700 

On Thu, 2009-04-02 at 11:29 -0400, Michael Peek wrote:
> > From: Dave Kleikamp <sha...@li...> - 2009-04-02 12:46

> > I think exit code 134 means that the program was killed by a SIGABRT
> > signal. I'm not sure where that's coming from. Is there anything at
> > the end of the output that gives a clue? Is there anything unusual in
> > the syslog?
> 
> Syslog shows nothing.  The last few lines of output show:
> 
> The path(s) refer to an unallocated file. Will remove.
> File system object FF1564740 is linked as: 
> modules/metanet/macros/graph_tools/2.122e-314raph_p.sci
> File system object FF1564740 is linked as: 
> macros/graph_tools/2.122e-314raph_p.sci
> The path(s) refer to an unallocated file. Will remove.
> *** %n in writable segment detected ***
> File system object FF1564741 is linked as: 
> modules/metanet/macros/graph_tools/Aborted

Interesting.  I had no idea what "%n in writable segment detected" meant
until I googled it.  I'm guessing the file name being printed has the
string "%n" in it.  The %n field modifies the argument passed in, so it
can be a security vulnerability.  glibc detects this and kills the
process.

I think this patch should fix the problem.  You can download the
jfsutils source from http://jfs.sourceforge.net/source.html#latesrc

Thanks,
Shaggy
-- 
David Kleikamp
IBM Linux Technology Center

Index: fsck/fsck_message.c
===================================================================
RCS file: /cvsroot/jfs/jfsutils/fsck/fsck_message.c,v
retrieving revision 1.6
diff -u -p -r1.6 fsck_message.c
--- fsck/fsck_message.c	5 Jun 2006 19:31:39 -0000	1.6
+++ fsck/fsck_message.c	3 Apr 2009 12:27:32 -0000
@@ -102,9 +102,9 @@ int v_fsck_send_msg(int msg_num, const c
 	sprintf(debug_detail, " [%s:%d]\n", basename(file_name), line_number);
 
 	if (message->msg_level <= msg_lvl) {
-		printf(msg_string);
+		printf("%s", msg_string);
 		if (dbg_output) {
-			printf(debug_detail);
+			printf("%s", debug_detail);
 		}
 		else printf("\n");
 	}

------------------------------------------------------------------------------

_______________________________________________
Jfs-discussion mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jfs-discussion

Reply via email to