Your message dated Mon, 02 Feb 2009 20:32:27 +0000
with message-id <e1lu5t1-0007m7...@ries.debian.org>
and subject line Bug#511995: fixed in unionfs-fuse 0.21-3
has caused the Debian Bug report #511995,
regarding unionfs-fuse: too short memory allocation when determining absolute
path
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
511995: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: unionfs-fuse
Version: 0.21-2
Severity: important
Tags: patch
Hi again,
It took me a little while to track it down, but here it is:
When using relative paths unionfs-fuse wasn't allocation enough memory thus the
resulting absolute path was not always correct.
Diff of strace (- current code, + patched code):
-open("/home/ttttttt/ffffff/imagess/\31", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No
such file or directory)
+open("/home/ttttttt/ffffff/images/", O_RDONLY|O_LARGEFILE) = 4
And as you can guess all the remaining lstat and other system calls fail
because the path doesn't exist.
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
--- unionfs-fuse-0.21.orig/src/opts.c
+++ unionfs-fuse-0.21/src/opts.c
@@ -52,7 +52,7 @@
// 2 due to: +1 for '/' between cwd and relpath
// +1 for terminating '\0'
- int abslen = cwdlen + strlen(relpath) + 2;
+ int abslen = cwdlen + strlen(relpath) + 3;
if (abslen > PATHLEN_MAX) {
fprintf(stderr, "Absolute path too long!\n");
return NULL;
--- End Message ---
--- Begin Message ---
Source: unionfs-fuse
Source-Version: 0.21-3
We believe that the bug you reported is fixed in the latest version of
unionfs-fuse, which is due to be installed in the Debian FTP archive:
unionfs-fuse_0.21-3.diff.gz
to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3.diff.gz
unionfs-fuse_0.21-3.dsc
to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3.dsc
unionfs-fuse_0.21-3_amd64.deb
to pool/main/u/unionfs-fuse/unionfs-fuse_0.21-3_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 511...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bernd Schubert <bernd-schub...@gmx.de> (supplier of updated unionfs-fuse
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 24 Jan 2009 00:10:44 +0100
Source: unionfs-fuse
Binary: unionfs-fuse
Architecture: source amd64
Version: 0.21-3
Distribution: unstable
Urgency: high
Maintainer: Bernd Schubert <bernd-schub...@gmx.de>
Changed-By: Bernd Schubert <bernd-schub...@gmx.de>
Description:
unionfs-fuse - Fuse implementation of unionfs
Closes: 511158 511995
Changes:
unionfs-fuse (0.21-3) unstable; urgency=high
.
* fixes critical buffer overflow on using relativ pathes
* slightly improve the man page to tell people without -ocow
not everything might work as expected
* change binary path from /usr/sbin to /usr/bin
* (closes: #511995)
* (closes: #511158)
Checksums-Sha1:
59e76d074c57771ab8685038b2b5294dae3b3ce4 1017 unionfs-fuse_0.21-3.dsc
db94f993a4fd5c7433a226ca06b9ea4bb79794b0 5955 unionfs-fuse_0.21-3.diff.gz
09ee6735f2fd64b8f4154c0c134fea4860403f63 25104 unionfs-fuse_0.21-3_amd64.deb
Checksums-Sha256:
a5213ea738fcaf9a2afdfb61955374b174e22569ace57772c95c97edca922890 1017
unionfs-fuse_0.21-3.dsc
a29f132b956a59fc66b160390e363661b8a90aa721268b30c75a5c44a82a4052 5955
unionfs-fuse_0.21-3.diff.gz
6ee43218b63a4bc8c8ab55f84052400330942d714057a224f0842f8dd8bc7d29 25104
unionfs-fuse_0.21-3_amd64.deb
Files:
efafe1707da1a12982d54ce894788dc1 1017 misc optional unionfs-fuse_0.21-3.dsc
66b4b644abcbcddf467341a9226f4ff9 5955 misc optional unionfs-fuse_0.21-3.diff.gz
2fef47f1aad19b4808b7860cedb78c05 25104 misc optional
unionfs-fuse_0.21-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmHVTYACgkQx/UhwSKygsp7owCfVpqdsGfqawVoVbxsiRZWHJqg
ycYAoIltarFhgDal+0t9jOB6v6nWj+Ta
=zXu4
-----END PGP SIGNATURE-----
--- End Message ---
