[Bug 1073514] Re: cp, mv, install: data loss due to free memory read

Colin Watson cjwatson at canonical.com
Thu Nov 8 15:56:29 UTC 2012 

** Description changed:

+ [Impact] cp/mv/install may read from freed memory in cases of very fragmented and sparse input files, sometimes producing corrupt output.
+ [Test case] The following command should succeed, with no output:
+   rm -f j j2 && perl -e 'for (1..600) { sysseek (*STDOUT, 4096, 1) && syswrite (*STDOUT, "a" x 1024) or die "$!" }' > j && valgrind --quiet --error-exitcode=3 cp j j2 && cmp j j2
+ [Regression potential] cp being what it is, ordinary use of a system for a while should be sufficient regression-testing.
+ 
+ Original report follows:
+ 
  This was originally reported as happening on copying larges in highly-
  fragmented filesystems, and affects coreutils from 8.11 to 8.19 (8.20
  has just been released with the fix included).
  
  Ubuntu versions affected:
-  * Precise (8.13)
-  * Quantal (8.13)
-  * Raring (8.13)
+  * Precise (8.13)
+  * Quantal (8.13)
+  * Raring (8.13)
  
  Upstream bug: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12656
  Uptream ML thread: http://lists.gnu.org/archive/html/bug-coreutils/2012-10/msg00090.html
  
  Upstream commits:
  * 64aef5fb9afecc023a6e719da161dbbf450908b8 (actual patch, and test)
  * 0aeaa506ad9dd09479a298e4febe79b55c10a0e2 (adjust NEWS to point out mv and install are also affected)
  
  A test has been added to check for this error:  tests/cp/fiemap-FMR.sh
  
  ProblemType: Bug
  DistroRelease: Ubuntu 12.10
  Package: coreutils 8.13-3.2ubuntu2
  ProcVersionSignature: Ubuntu 3.5.0-18.29-generic 3.5.7
  Uname: Linux 3.5.0-18-generic x86_64
  ApportVersion: 2.6.1-0ubuntu6
  Architecture: amd64
  CheckboxSubmission: c8a7d84e13c3b258e707f056604eb0e0
  CheckboxSystem: d00f84de8a555815fa1c4660280da308
  Date: Wed Oct 31 05:24:37 2012
  InstallationDate: Installed on 2012-10-21 (9 days ago)
  InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
  MarkForUpload: True
  SourcePackage: coreutils
  UpgradeStatus: No upgrade log present (probably fresh install)

** Changed in: coreutils (Ubuntu Raring)
       Status: New => Triaged

** Changed in: coreutils (Ubuntu Quantal)
       Status: New => Triaged

** Changed in: coreutils (Ubuntu Quantal)
   Importance: Undecided => High

** Changed in: coreutils (Ubuntu Quantal)
     Assignee: (unassigned) => Colin Watson (cjwatson)

** Changed in: coreutils (Ubuntu Precise)
       Status: New => Triaged

** Changed in: coreutils (Ubuntu Precise)
   Importance: Undecided => High

** Changed in: coreutils (Ubuntu Precise)
     Assignee: (unassigned) => Colin Watson (cjwatson)

** Changed in: coreutils (Ubuntu Precise)
    Milestone: None => ubuntu-12.04.2

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to coreutils in Ubuntu.
https://bugs.launchpad.net/bugs/1073514

Title:
  cp, mv, install: data loss due to free memory read

Status in “coreutils” package in Ubuntu:
  Triaged
Status in “coreutils” source package in Precise:
  Triaged
Status in “coreutils” source package in Quantal:
  Triaged
Status in “coreutils” source package in Raring:
  Triaged

Bug description:
  [Impact] cp/mv/install may read from freed memory in cases of very fragmented and sparse input files, sometimes producing corrupt output.
  [Test case] The following command should succeed, with no output:
    rm -f j j2 && perl -e 'for (1..600) { sysseek (*STDOUT, 4096, 1) && syswrite (*STDOUT, "a" x 1024) or die "$!" }' > j && valgrind --quiet --error-exitcode=3 cp j j2 && cmp j j2
  [Regression potential] cp being what it is, ordinary use of a system for a while should be sufficient regression-testing.

  Original report follows:

  This was originally reported as happening on copying larges in highly-
  fragmented filesystems, and affects coreutils from 8.11 to 8.19 (8.20
  has just been released with the fix included).

  Ubuntu versions affected:
   * Precise (8.13)
   * Quantal (8.13)
   * Raring (8.13)

  Upstream bug: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12656
  Uptream ML thread: http://lists.gnu.org/archive/html/bug-coreutils/2012-10/msg00090.html

  Upstream commits:
  * 64aef5fb9afecc023a6e719da161dbbf450908b8 (actual patch, and test)
  * 0aeaa506ad9dd09479a298e4febe79b55c10a0e2 (adjust NEWS to point out mv and install are also affected)

  A test has been added to check for this error:  tests/cp/fiemap-FMR.sh

  ProblemType: Bug
  DistroRelease: Ubuntu 12.10
  Package: coreutils 8.13-3.2ubuntu2
  ProcVersionSignature: Ubuntu 3.5.0-18.29-generic 3.5.7
  Uname: Linux 3.5.0-18-generic x86_64
  ApportVersion: 2.6.1-0ubuntu6
  Architecture: amd64
  CheckboxSubmission: c8a7d84e13c3b258e707f056604eb0e0
  CheckboxSystem: d00f84de8a555815fa1c4660280da308
  Date: Wed Oct 31 05:24:37 2012
  InstallationDate: Installed on 2012-10-21 (9 days ago)
  InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
  MarkForUpload: True
  SourcePackage: coreutils
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/1073514/+subscriptions

More information about the foundations-bugs mailing list