Package: e2fsprogs Version: 1.41.9-1 Severity: normal Hello,
appearently blkid cannot deal very well with somewhat special
characters in filesystem labels. I am not sure how dangerous (read:
security) this really is but at least it's annoying. Programs that
parse the blkid output might return strange results if fooled by e.g.
an USB stick plugged by an attacker.
For the sake of this example I'll use an ext3 fs on /dev/loop0.
# tune2fs -L 'La"bel' /dev/loop0
# blkid | grep /dev/loop0
/dev/loop0: LABEL="La"bel" UUID="321345c2-d851-4f4f-ab68-ba60307a8532"
SEC_TYPE="ext2" TYPE="ext3"
This is not bad per se but cheap parsers might consider the label
being "La" only. This probably applies to blkid itself, now changing
the label:
# tune2fs -L 'La bel' /dev/loop0
# blkid | grep /dev/loop0
/dev/loop0: LABEL="La bel" bel" UUID="321345c2-d851-4f4f-ab68-ba60307a8532"
SEC_TYPE="ext2" TYPE="ext3" UUID="321345c2-d851-4f4f-ab68-ba60307a8532"
^^^^^
adds some garbage to the output, and duplicates the UUID. This is
found in /etc/blkid.tab, too, while the label itself is as specified.
Another funny thing one could do (after clearing /etc/blkid.tab) is
# tune2fs -L '" TYPE="vfat' /dev/loop0
# blkid | grep /dev/loop0
/dev/loop0: LABEL="" TYPE="vfat" UUID="321345c2-d851-4f4f-ab68-ba60307a8532"
SEC_TYPE="ext2" TYPE="ext3"
If there are filesystems that allow long volume labels (24 to 44
characters) it is also possible to inject fake UUIDs.
Please provide protection against such pitfalls. My
suggestions:
* Escape potentially dangerous characters in the blkid output (might
break existing applications), or
* in each line of blkid's output, print the label as the last record[1]
so '"<EOL>' marks the end of the label (not very comfortable
for blkid.tab), or
* provide another, machine readable output format.
Regards,
Christoph
[1] On a side note, a defined order of all records would be helpful,
too (This might apply to lenny only but I cannot reproduce this
right now).
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.27.30 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages e2fsprogs depends on:
ii e2fslibs 1.41.9-1 ext2/ext3/ext4 file system librari
ii libblkid1 2.16-3 block device id library
ii libc6 2.9-25 GNU C Library: Shared libraries
ii libcomerr2 1.41.9-1 common error description library
ii libss2 1.41.9-1 command-line interface parsing lib
ii libuuid1 2.16-3 Universally Unique ID library
e2fsprogs recommends no packages.
Versions of packages e2fsprogs suggests:
pn e2fsck-static <none> (no description available)
pn gpart <none> (no description available)
pn parted <none> (no description available)
-- no debconf information
signature.asc
Description: Digital signature
