Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#33248 - [dosfstools] out of bounds write breaks fsck.vfat -a when compiled with _FORTIFY_SOURCE=2

Attached to Project: Arch Linux
Opened by . (Thralas) - Sunday, 30 December 2012, 18:43 GMT
Last edited by Tobias Powalowski (tpowa) - Wednesday, 02 January 2013, 14:42 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tobias Powalowski (tpowa)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


fsck.vfat -a triggers a fortify failure, as a sprintf in check.c:177 overflows de->name by 1 byte (into de->ext, which suggests that it might have been the author's intention).

$ fsck.vfat -a broken_fat.img
dosfsck 3.0.13, 30 Jun 2012, FAT32, LFN
FATs differ - using first FAT.
*** buffer overflow detected ***: fsck.vfat terminated

I can't find an upstream bugtracker, but as the Debian maintainer is the dosfstools author, I've responded to an existing bugtracker entry describing the same issue [1].

Unfortunately, the maintainer doesn't seem to have responded to those bug reports, neither did the patch by Red Hat [2] (which was supposedly sent upstream) end up in a release.

Perhaps we should apply the Red Hat patch (see [2]) in the meantime? I've also attached my own patch, which is a bit more elaborate/robust.

Relevant bug tracker entries:
[1]: (Debian, upstream?)
[2]: (Red Hat)

Steps to reproduce:
This task depends upon

Closed by  Tobias Powalowski (tpowa)
Wednesday, 02 January 2013, 14:42 GMT
Reason for closing:  Fixed
Additional comments about closing:  3.0.13-2