Your message dated Mon, 27 Jul 2009 12:47:03 +0000 with message-id <e1mvpbb-0006dr...@ries.debian.org> and subject line Bug#538758: fixed in dosfstools 3.0.5-1 has caused the Debian Bug report #538758, regarding dosfsck: signed/unsigned char mismatch in check.c causes false positives in bad_name() to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 538758: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538758 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: dosfstools Version: 3.0.4-1 Severity: critical Tags: patch Justification: causes serious data loss With the change from 3.0.3 to 3.0.4 a singed/unsigned char mismatch was introduced in check.c, which causes false positives in bad_name(). The problematic line is 257: char *name = file->dir_ent.name; Dir_ent.name is of type __u8, which is the same as unsigned char. Thus name must also be an unsigned char. If it's not, bad_name() reports a false positive for characters > 0x7f in line 269: if (name[i] < ' ' || name[i] == 0x7f) return 1; A signed char > 0x7f is negative and so always less than the code for a space. I've marked this report as critical because with dosfsck -a and (short) directory names containing such characters they will first be renamed and then deleted and all it's files end up in unused chains. Even when you use the -f option, you don't get the exact same files back because they are padded with zeroes for the size to be a multiple of the sector length. Besides, the directory structure and original filenames are lost, too. I'm attaching a patch with the fix. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (x86_64) Kernel: Linux 2.6.30.2-orbiter.x86-64.1 (PREEMPT) Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages dosfstools depends on: ii libc6 2.9-21 GNU C Library: Shared libraries dosfstools recommends no packages. dosfstools suggests no packages. -- no debconf informationdiff -ru dosfstools-3.0.4/src/check.c dosfstools-3.0.4.new/src/check.c --- dosfstools-3.0.4/src/check.c 2009-07-21 07:58:00.000000000 +0200 +++ dosfstools-3.0.4.new/src/check.c 2009-07-26 21:19:08.459704042 +0200 @@ -254,7 +254,7 @@ { int i, spc, suspicious = 0; char *bad_chars = atari_format ? "*?\\/:" : "*?<>|\"\\/:"; - char *name = file->dir_ent.name; + unsigned char *name = file->dir_ent.name; /* Do not complain about (and auto-correct) the extended attribute files * of OS/2. */
--- End Message ---
--- Begin Message ---Source: dosfstools Source-Version: 3.0.5-1 We believe that the bug you reported is fixed in the latest version of dosfstools, which is due to be installed in the Debian FTP archive: dosfstools-dbg_3.0.5-1_i386.deb to pool/main/d/dosfstools/dosfstools-dbg_3.0.5-1_i386.deb dosfstools_3.0.5-1.diff.gz to pool/main/d/dosfstools/dosfstools_3.0.5-1.diff.gz dosfstools_3.0.5-1.dsc to pool/main/d/dosfstools/dosfstools_3.0.5-1.dsc dosfstools_3.0.5-1_i386.deb to pool/main/d/dosfstools/dosfstools_3.0.5-1_i386.deb dosfstools_3.0.5.orig.tar.gz to pool/main/d/dosfstools/dosfstools_3.0.5.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 538...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Baumann <dan...@debian.org> (supplier of updated dosfstools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 27 Jul 2009 14:38:51 +0200 Source: dosfstools Binary: dosfstools dosfstools-dbg Architecture: source i386 Version: 3.0.5-1 Distribution: unstable Urgency: low Maintainer: Daniel Baumann <dan...@debian.org> Changed-By: Daniel Baumann <dan...@debian.org> Description: dosfstools - utilities for making and checking MS-DOS FAT filesystems dosfstools-dbg - utilities for making and checking MS-DOS FAT filesystems (debug) Closes: 538758 Changes: dosfstools (3.0.5-1) unstable; urgency=low . * Merging upstream version 3.0.5: - fixes bug from VFAT patent avoidance patch that can resultin data loss (Closes: #538758). Checksums-Sha1: b9fc8ac58befbb86d1d5dfdba0337b407f1c3695 1158 dosfstools_3.0.5-1.dsc e5991d14984effb16340925082257a7b96f24031 75908 dosfstools_3.0.5.orig.tar.gz 45936e59e678c889007c139bf575ea004ac0a5a2 10946 dosfstools_3.0.5-1.diff.gz 26492ba6ca471ae784e56c59cceccfc14b5095e0 86708 dosfstools_3.0.5-1_i386.deb bddbd387c197acb39b7d2e6cab55c6e0876f6e78 84068 dosfstools-dbg_3.0.5-1_i386.deb Checksums-Sha256: 7cffbb6bf51b0e1a8f6d2569865c207609bc60f47cc6f8ed8779a2c0404a5b91 1158 dosfstools_3.0.5-1.dsc e44be7aec77ce72b9e35810a84c539911f2958033dab5bd16d0f6534e3438f1f 75908 dosfstools_3.0.5.orig.tar.gz 9fc761c7c18e5206dcb0a551fd766774c45562ac890f51c3a576b6a051ac70e0 10946 dosfstools_3.0.5-1.diff.gz 6f51426f106af9e205e7db15767ecfc2da85b81ab7244cfc92a3e2be580639b4 86708 dosfstools_3.0.5-1_i386.deb 65a87ea56a5456d33406c32973a40eaef7f6a848299c8628fbb4e6d69b1c78ac 84068 dosfstools-dbg_3.0.5-1_i386.deb Files: 6947afdddf908716998ef38775f32c59 1158 otherosfs optional dosfstools_3.0.5-1.dsc d48177cde9c6ce64333133424bf32912 75908 otherosfs optional dosfstools_3.0.5.orig.tar.gz 622650a6b1f94e9dc7cc39f812736d62 10946 otherosfs optional dosfstools_3.0.5-1.diff.gz 5b15e21f485edec516c539e0349139f7 86708 otherosfs optional dosfstools_3.0.5-1_i386.deb a1de43ce1160ffd9fea32d301fe24bf2 84068 debug extra dosfstools-dbg_3.0.5-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkptoD4ACgkQ+C5cwEsrK55VbQCgg2uLNSFOe1lFwCm+g4D03Iih 9DIAnRyU/mPjeYSbrKZY1l8GHbVnA2Pb =kVOh -----END PGP SIGNATURE-----
--- End Message ---
