From owner-freebsd-bugs@FreeBSD.ORG Fri Sep 22 19:00:32 2006 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27CF016A407 for ; Fri, 22 Sep 2006 19:00:32 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 398ED43D55 for ; Fri, 22 Sep 2006 19:00:31 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8MJ0Vfi021157 for ; Fri, 22 Sep 2006 19:00:31 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8MJ0Vjx021156; Fri, 22 Sep 2006 19:00:31 GMT (envelope-from gnats) Resent-Date: Fri, 22 Sep 2006 19:00:31 GMT Resent-Message-Id: <200609221900.k8MJ0Vjx021156@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Fabian Wenk Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49AD316A407 for ; Fri, 22 Sep 2006 18:57:13 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBAB043D45 for ; Fri, 22 Sep 2006 18:57:12 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k8MIvCo2063395 for ; Fri, 22 Sep 2006 18:57:12 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id k8MIvClv063394; Fri, 22 Sep 2006 18:57:12 GMT (envelope-from nobody) Message-Id: <200609221857.k8MIvClv063394@www.freebsd.org> Date: Fri, 22 Sep 2006 18:57:12 GMT From: Fabian Wenk To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: gnu/103496: Corrupted files in copy-pass mode with cpio 2.4.2 and 2.5 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Sep 2006 19:00:32 -0000 >Number: 103496 >Category: gnu >Synopsis: Corrupted files in copy-pass mode with cpio 2.4.2 and 2.5 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Sep 22 19:00:30 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Fabian Wenk >Release: 4.11, 5.4, 6.0, 6.1 >Organization: >Environment: FreeBSD batman.home4u.ch 4.11-RELEASE-p21 FreeBSD 4.11-RELEASE-p21 #12: Sat Sep 16 13:38:13 CEST 2006 root@batman.home4u.ch:/usr/obj/usr/src/sys/BATMAN i386 FreeBSD glaernisch.ethz.ch 5.4-RELEASE-p12 FreeBSD 5.4-RELEASE-p12 #10: Wed Mar 1 21:21:28 CET 2006 root@glaernisch.ethz.ch:/usr/obj/usr/src/sys/GLAERNISCH i386 FreeBSD tamesis.ethz.ch 6.0-RELEASE-p7 FreeBSD 6.0-RELEASE-p7 #1: Sun Apr 30 22:47:38 CEST 2006 root@tamesis.ethz.ch:/usr/obj/usr/src/sys/TAMESIS i386 FreeBSD muertschen.ethz.ch 6.1-RELEASE-p5 FreeBSD 6.1-RELEASE-p5 #4: Mon Aug 28 16:47:03 CEST 2006 root@muertschen.ethz.ch:/usr/obj/usr/src/sys/MUERTSCHEN i386 >Description: We use cpio in a script to do snapshot backup of our file servers. The users have read only access to their own files on the backup servers. In some cases we have files on the backup which at the beginning contain some bytes of the preceding file and missing the same amount of bytes at the end (file size and modification time are the same as in the original file). This missing bytes then can again be at the beginning of the next file, and so on. This creates corrupted files on the backup and in some cases this can be an information leak if the preceding or subsequent file belongs to a different user. My co-worker Axel Beckert found the bug report "Corrupted files in copy-pass mode with cpio 2.4.2 and 2.5" [1] from Holger Fleischmann in the GNU mail archive from March 2004. [1] http://lists.gnu.org/archive/html/bug-cpio/2004-03/msg00000.html This exactly matches the problem we see. During some testing it seems that the maximum shifting is at around 512 bytes. After appling the patch below and rebuilding and installing cpio, we could not reproduce it again. Here are the relevant informations from the GNU cpio change logs: ---8<---------------------------------------------------------------- 2004-03-02 Sergey Poznyakoff * src/util.c (copy_files_disk_to_disk): Bugfix. If a file grew n bytes in copy-pass mode, these n bytes got prepended to the contents of all subsequent files. Fix provided by Holger Fleischmann * THANKS: Added Holger Fleischmann. ---8<---------------------------------------------------------------- >How-To-Repeat: See "Reproducing the bug" in [1]. >Fix: Patch created from GNU cvs [2]: ---8<---------------------------------------------------------------- *** cpio/cpio/src/util.c 2004/02/27 14:18:23 1.2 --- cpio/cpio/src/util.c 2004/03/02 09:20:57 1.3 *************** *** 540,546 **** while (num_bytes > 0) { if (input_size == 0) ! if (rc = disk_fill_input_buffer (in_des, DISK_IO_BLOCK_SIZE)) { if (rc > 0) error (0, 0, _("File %s shrunk by %ld bytes, padding with zeros"), --- 540,546 ---- while (num_bytes > 0) { if (input_size == 0) ! if (rc = disk_fill_input_buffer (in_des, num_bytes)) { if (rc > 0) error (0, 0, _("File %s shrunk by %ld bytes, padding with zeros"), ---8<---------------------------------------------------------------- [2] http://cvs.savannah.gnu.org/viewcvs/cpio/cpio/src/util.c?r1=1.2&r2=1.3&diff_format=c >Release-Note: >Audit-Trail: >Unformatted: