From owner-freebsd-fs Fri May 17 12:12:12 2002
Date: Fri, 17 May 2002 12:09:18 -0700
From: Neil Bliss
To: Nathan Hawkins
Cc: dak, freebsd-fs@FreeBSD.ORG
Subject: Re: [FS BUG] How to easily corrupt an UFS file system with user access and big fake files.
Message-ID: <20020517120917.A1533@dhcp117.mvista.com>
References: <20020515073410.GA634@nitrogen> <3CE27215.2090702@quic.net>
In-Reply-To: <3CE27215.2090702@quic.net>; from utsl@quic.net on Wed, May 15, 2002 at 10:35:01AM -0400

Is it normal for a sparse file to cause fsck errors?

Once upon a time, Nathan Hawkins, then known as utsl, said...
> This is normal. It is not a bug. It's called a sparse file, which means
> that you left most of the file empty, so it didn't allocate space for
> the empty part. The empty part isn't really there until you write to it,
> you see.
>
> dak wrote:
>
> >Hi everybody,
> >
> >I recently discovered a bug (probably in the FS functions) which allows a simple user to corrupt
> >a file system by making ultra large fake files (many GB).
> >
> >The *attack/bug* is simple, just to create a file (with cache effect disabled or not), to write 1024*1440B,
> >lseek() to a very very fat offset, totally out of the file and then to write some bytes: the result
> >is astonishing:
> >
> >nitrogen% ls -l tmp
> >-rwx------ 1 dak wheel 1425637888 May 15 07:46 tmp
> >
> >You can say it's not a problem, but the file is 1.5GB and I *only* lost 1MB on my disk...
> >When editing the file, no problem occurs and I can show data at the very end of file.
> >Of course, when doing a fsck, it tells me the disk contains many errors.
> >
> >I'm not a kernel developer and I'm not familiar with its functions :< so I cannot tell where
> >the problem occurs (but if you can tell me where and why it occurs, it would be nice :))
> >
> >(I've attached a sample code, even if it's easy to reproduce)
> >
> >-- dak
> >
> >PS: I've not sent a PR yet but if you think it's needed, I'll do it.
> >PS2: Sorry if my English isn't very good :)
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-fs" in the body of the message

-- 
Neil Bliss - Monta Vista Technical Support
Yow!-Zippy-says: You were s'posed to laugh!
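
The write / lseek() / write sequence discussed in this thread, as an added example that is not part of the original message and is not dak's attached sample code. It compares the size `ls -l` reports (st_size) with the space actually allocated (st_blocks); the function name `make_sparse`, the file name and the 3-byte tail are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write `head` bytes, lseek() past end-of-file to `hole_end`, write a short
 * tail. On success returns 0 and stores st_size in *apparent and
 * st_blocks * 512 in *allocated (st_blocks is in 512-byte units on
 * FreeBSD and Linux). Returns -1 on any error. */
int make_sparse(const char *path, size_t head, off_t hole_end,
                off_t *apparent, off_t *allocated)
{
    static const char tail[] = "end";   /* constructed sample data */
    struct stat st;
    char *buf = NULL;
    int rc = -1;
    int fd = open(path, O_CREAT | O_TRUNC | O_RDWR, 0600);

    if (fd < 0)
        return -1;
    if ((buf = malloc(head ? head : 1)) == NULL)
        goto out;
    memset(buf, 'A', head);
    if (write(fd, buf, head) != (ssize_t)head)
        goto out;
    if (lseek(fd, hole_end, SEEK_SET) == (off_t)-1)   /* creates the hole */
        goto out;
    if (write(fd, tail, sizeof tail - 1) != (ssize_t)(sizeof tail - 1))
        goto out;
    if (fsync(fd) != 0 || fstat(fd, &st) != 0)
        goto out;
    *apparent = st.st_size;
    *allocated = (off_t)st.st_blocks * 512;
    rc = 0;
out:
    free(buf);
    close(fd);
    return rc;
}

int main(void)
{
    off_t size = 0, used = 0;
    /* Numbers from the report: 1024*1440 bytes written, ls -l size 1425637888. */
    int rc = make_sparse("sparse_demo.tmp", 1024 * 1440, 1425637888 - 3, &size, &used);

    unlink("sparse_demo.tmp");
    if (rc != 0)
        return 1;
    printf("apparent: %lld bytes, allocated: %lld bytes\n", (long long)size, (long long)used);
    return 0;
}
```

On a file system that supports holes, the allocated figure stays close to the bytes actually written while the apparent size matches the `ls -l` output; `du` reports the allocated figure.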