Control: tags -1 + patch
[Phil Reynolds 2010-04-05]
> When writing virtual images for later burning to DVDs, if the -C switch
> to cdbackup is not used, the tracks in the images cannot be restored
> using cdrestore as the CRC check fails. This applies whether the images
> are on DVD or have been kept on a hard disc.
I wonder, could this be caused by a memory overflow in the CRC
calculating code? If so, I propose this patch to fix it.
Description: Make sure setting and reading CRC do not work past buffer size.
The code used to store 8 bytes in a 4 byte space, and read 8 bytes from a 4
byte space on 64 bit platforms. Rewrite to use int32_t to ensure only 4
bytes are used.
Author: Petter Reinholdtsen
Bug-Debian: https://bugs.debian.org/576520
Forwarded: no
Last-Update: 2024-06-15
---
--- cdbackup-0.7.1.orig/cdbackup.c
+++ cdbackup-0.7.1/cdbackup.c
@@ -29,6 +29,7 @@ SUCH DAMAGE.
#include
#include
#include
+#include
#include
#include
#include
@@ -392,8 +393,8 @@ int backup(void)
}
}
if(crc) {
- int l=crc32(buffer,bytes+DBSIZE);
- *((unsigned long *)([CD_FRAMESIZE-4]))=l;
+ int32_t l=crc32(buffer,bytes+DBSIZE);
+ *((int32_t *)([CD_FRAMESIZE-sizeof(l)]))=l;
}
Vwrite(buffer); grandTotal+=CD_FRAMESIZE;
} while(db->status==0);
--- cdbackup-0.7.1.orig/cdrestore.c
+++ cdbackup-0.7.1/cdrestore.c
@@ -28,6 +28,7 @@ SUCH DAMAGE.
#include
#include
+#include
#include
#include
#include
@@ -203,8 +204,8 @@ int restore(int disktrack)
}
if(db->flags_CRC) {
- int l=crc32(buffer,size+DBSIZE);
- if(*((unsigned long *)([CD_FRAMESIZE-4]))!=l) {
+ int32_t l=crc32(buffer,size+DBSIZE);
+ if(*((int32_t *)([CD_FRAMESIZE-sizeof(l)]))!=l) {
if(verbose) fprintf(stderr,"%s: bad CRC checksum at
%lld\n",prg_name,totalRead);
serror("Bad checksum, block corrupted, restore failed");
}
The patch is commited to the git repo on
https://salsa.debian.org/debian/cdbackup >, but not uploaded as I could
like to know if it solve this bug first. Are you able to test it?
--
Happy hacking
Petter Reinholdtsen