Opened 15 years ago
Last modified 11 years ago
#215 assigned defect
EMX ead* functions aborts with corrupted EAS
| Reported by: | Yuri Dario | Owned by: | bird |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | libc-backend | Version: | 0.6.2 |
| Severity: | normal | Keywords: | eas |
| Cc: |
Description
Calling _ead_read() on a file with corrupted EAS will crash the running program.
Debug shows that in src\lib\io\eadread.c the function:
static int _ead_make_gea (struct _ead_data *ead, PDENA2 pdena, void *arg)
is calling abort() for wrong name:
if (pdena->szName[pdena->cbName] != 0)
abort ();
Suggested fix is to return EINVAL or similar:
if (pdena->szName[pdena->cbName] != 0)
{
errno = EINVAL;
return -1;
}
memory is freed by caller.
I cannot test the fix right now, but seems good to me.
Change History (5)
comment:1 by , 14 years ago
comment:2 by , 14 years ago
Background: ead_* functions are used in Star backup code to deal with extended attributes (and emulate some xattr code).
In its earlier days, Samba/2 used to write bad EAS in certain conditions, so backup of such files was triggering the above abort() call.
Cleaning EAs for broken files fixed the problem on my side, but I think it is not a good idea to abort a program.
comment:3 by , 14 years ago
| Status: | new → assigned |
|---|
comment:4 by , 13 years ago
| Milestone: | libc-0.6.5 → libc-0.6.6 |
|---|
comment:5 by , 11 years ago
| Milestone: | libc-0.6.6 |
|---|
Need a testcase and/or good explanation what's going wrong here.