Date: Wed, 15 May 2002 09:34:10 +0200
From: dak <aurelien.nephtali@wanadoo.fr>
To: freebsd-fs@freebsd.org
Subject: [FS BUG] How to easily corrupt an UFS file system with user access and big fake files.
Message-ID: <20020515073410.GA634@nitrogen>

Hi everybody,

I recently discovered a bug (probably in the FS functions) which allows a simple user to corrupt a file system by making ultra large fake files (many GB).

The *attack/bug* is simple: just create a file (with cache effect disabled or not), write 1024*1440B, lseek() to a very very fat offset, totally out of the file, and then write some bytes. The result is astonishing:

nitrogen% ls -l tmp
-rwx------ 1 dak wheel 1425637888 May 15 07:46 tmp

You can say it's not a problem, but the file is 1.5GB and I *only* lost 1MB on my disk...

When editing the file, no problem occurs and I can show data at the very end of the file. Of course, when doing a fsck, it tells me the disk contains many errors.

I'm not a kernel developer and I'm not familiar with its functions :< so I cannot tell where the problem occurs (but if you can tell me where and why it occurs, it would be nice :))

(I've attached a sample code, even if it's easy to reproduce)

--
dak

PS: I've not sent a PR yet but if you think it's needed, I'll do it.
PS2: Sorry if my English isn't very good :)
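
The message contrasts the size shown by ls -l with the disk space actually consumed; those are two separate fields of struct stat, and the added example below (not the attachment from the message) reads both for a file written with the same write, lseek(), write sequence. The 64 MiB offset and the file name are assumptions chosen for the example.

```c
/* Added example: logical size (st_size) vs. allocated space (st_blocks)
 * for a file written with the write/lseek/write sequence in the message. */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define DATA_LEN (1024L * 1440L)         /* first write, as in the message */
#define HOLE_END (64L * 1024L * 1024L)   /* constructed offset (assumption) */
#define TAIL     "tail"                  /* the "some bytes" written last */

/* Write DATA_LEN bytes, seek to HOLE_END, write a few more bytes.
 * Returns 0 on success and fills *st; returns -1 on any failure. */
int make_and_stat(const char *path, struct stat *st)
{
    static char buf[1024];
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0700);
    if (fd < 0) return -1;
    memset(buf, 'A', sizeof buf);
    for (long done = 0; done < DATA_LEN; done += sizeof buf)
        if (write(fd, buf, sizeof buf) != (ssize_t)sizeof buf) goto fail;
    if (lseek(fd, (off_t)HOLE_END, SEEK_SET) == (off_t)-1) goto fail;
    if (write(fd, TAIL, strlen(TAIL)) != (ssize_t)strlen(TAIL)) goto fail;
    if (fsync(fd) != 0 || fstat(fd, st) != 0) goto fail;
    close(fd);
    return 0;
fail:
    close(fd);
    return -1;
}

/* On FreeBSD and Linux, st_blocks counts 512-byte units. */
long long allocated_bytes(const struct stat *st)
{
    return (long long)st->st_blocks * 512LL;
}

int main(void)
{
    struct stat st;
    const char *path = "sparse_demo.tmp";   /* hypothetical file name */
    if (make_and_stat(path, &st) != 0) { perror(path); return 1; }
    printf("st_size   = %lld bytes (ls -l)\n", (long long)st.st_size);
    printf("allocated = %lld bytes (du)\n", allocated_bytes(&st));
    unlink(path);
    return 0;
}
```

Running `du` and `ls -l` on the same file gives the same two figures without any code.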