Package: dosfstools
Version: 3.0.4-1
Severity: critical
Tags: patch
Justification: causes serious data loss
With the change from 3.0.3 to 3.0.4 a singed/unsigned char mismatch was
introduced in check.c, which causes false positives in bad_name().
The problematic line is 257:
char *name = file->dir_ent.name;
Dir_ent.name is of type __u8, which is the same as unsigned char. Thus
name must also be an unsigned char.
If it's not, bad_name() reports a false positive for characters > 0x7f
in line 269:
if (name[i] < ' ' || name[i] == 0x7f) return 1;
A signed char > 0x7f is negative and so always less than the code for a
space.
I've marked this report as critical because with dosfsck -a and
(short) directory names containing such characters they will first
be renamed and then deleted and all it's files end up in unused chains.
Even when you use the -f option, you don't get the exact same files back
because they are padded with zeroes for the size to be a multiple of the
sector length. Besides, the directory structure and original filenames are
lost, too.
I'm attaching a patch with the fix.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.30.2-orbiter.x86-64.1 (PREEMPT)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dosfstools depends on:
ii libc6 2.9-21 GNU C Library: Shared libraries
dosfstools recommends no packages.
dosfstools suggests no packages.
-- no debconf information
diff -ru dosfstools-3.0.4/src/check.c dosfstools-3.0.4.new/src/check.c
--- dosfstools-3.0.4/src/check.c 2009-07-21 07:58:00.000000000 +0200
+++ dosfstools-3.0.4.new/src/check.c 2009-07-26 21:19:08.459704042 +0200
@@ -254,7 +254,7 @@
{
int i, spc, suspicious = 0;
char *bad_chars = atari_format ? "*?\\/:" : "*?<>|\"\\/:";
- char *name = file->dir_ent.name;
+ unsigned char *name = file->dir_ent.name;
/* Do not complain about (and auto-correct) the extended attribute files
* of OS/2. */
