From db1e89eb4eb86fc98dd0e03f381a1e230da201c2 Mon Sep 17 00:00:00 2001 From: Kern Sibbald Date: Thu, 1 May 2008 16:33:28 +0000 Subject: [PATCH] kes Fix strippath so that it does not get a buffer overrun and crash FD. This fixes bug #1078. kes Make inability to change owner/group when creating a dir only a warning rather than an error. git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/branches/Branch-2.2@6867 91ce42f0-d328-0410-95d8-f526ca767f89 --- bacula/patches/2.2.8-strippath.patch | 103 +++++++++++++++++++++++++++ bacula/src/filed/backup.c | 47 ++++++++---- bacula/src/findlib/makepath.c | 2 +- bacula/src/qt-console/mainwin.cpp | 5 -- bacula/src/version.h | 6 +- bacula/technotes-2.1 | 5 ++ 6 files changed, 144 insertions(+), 24 deletions(-) create mode 100644 bacula/patches/2.2.8-strippath.patch diff --git a/bacula/patches/2.2.8-strippath.patch b/bacula/patches/2.2.8-strippath.patch new file mode 100644 index 0000000000..0aae25245b --- /dev/null +++ b/bacula/patches/2.2.8-strippath.patch @@ -0,0 +1,103 @@ + + This patch fixes the strippath bug that created a buffer overrun and thus + a crash in the FD. It fixes bug #1078. + + Apply it to version 2.2.8 or higher with: + + cd + patch -p0 <2.2.8-strippath.patch + ./configure + make + ... + make install + + +Index: src/filed/backup.c +=================================================================== +--- src/filed/backup.c (revision 6843) ++++ src/filed/backup.c (working copy) +@@ -1102,9 +1102,9 @@ + + /* Copy to first path separator -- Win32 might have c: ... */ + while (*in && !IsPathSeparator(*in)) { +- *out++ = *in++; ++ out++; in++; + } +- *out++ = *in++; ++ out++; in++; + numsep++; /* one separator seen */ + for (stripped=0; strippedlink_save = get_pool_memory(PM_FNAME); + } + pm_strcpy(ff_pkt->fname_save, ff_pkt->fname); ++ if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { ++ pm_strcpy(ff_pkt->link_save, ff_pkt->link); ++ Dmsg2(500, "strcpy link_save=%d link=%d\n", strlen(ff_pkt->link_save), ++ strlen(ff_pkt->link)); ++ sm_check(__FILE__, __LINE__, true); ++ } + + /* + * Strip path. If it doesn't succeed put it back. If + * it does, and there is a different link string, + * attempt to strip the link. If it fails, back them + * both back. +- * Don't strip symlinks. ++ * Do not strip symlinks. + * I.e. if either stripping fails don't strip anything. + */ +- if (do_strip(ff_pkt->strip_path, ff_pkt->fname)) { +- if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { +- pm_strcpy(ff_pkt->link_save, ff_pkt->link); +- if (!do_strip(ff_pkt->strip_path, ff_pkt->link)) { +- strcpy(ff_pkt->link, ff_pkt->link_save); +- strcpy(ff_pkt->fname, ff_pkt->fname_save); +- } ++ if (!do_strip(ff_pkt->strip_path, ff_pkt->fname)) { ++ unstrip_path(ff_pkt); ++ goto rtn; ++ } ++ /* Strip links but not symlinks */ ++ if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { ++ if (!do_strip(ff_pkt->strip_path, ff_pkt->link)) { ++ unstrip_path(ff_pkt); + } +- } else { +- strcpy(ff_pkt->fname, ff_pkt->fname_save); +- } +- Dmsg2(200, "fname=%s stripped=%s\n", ff_pkt->fname_save, ff_pkt->fname); ++ } ++ ++rtn: ++ Dmsg3(100, "fname=%s stripped=%s link=%s\n", ff_pkt->fname_save, ff_pkt->fname, ++ ff_pkt->link); + } + + static void unstrip_path(FF_PKT *ff_pkt) +@@ -1172,6 +1184,11 @@ + } + strcpy(ff_pkt->fname, ff_pkt->fname_save); + if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { ++ Dmsg2(500, "strcpy link=%s link_save=%s\n", ff_pkt->link, ++ ff_pkt->link_save); + strcpy(ff_pkt->link, ff_pkt->link_save); ++ Dmsg2(500, "strcpy link=%d link_save=%d\n", strlen(ff_pkt->link), ++ strlen(ff_pkt->link_save)); ++ sm_check(__FILE__, __LINE__, true); + } + } diff --git a/bacula/src/filed/backup.c b/bacula/src/filed/backup.c index 795e6d92a4..7cdb2c8058 100644 --- a/bacula/src/filed/backup.c +++ b/bacula/src/filed/backup.c @@ -1102,9 +1102,9 @@ static bool do_strip(int count, char *in) /* Copy to first path separator -- Win32 might have c: ... */ while (*in && !IsPathSeparator(*in)) { - *out++ = *in++; + out++; in++; } - *out++ = *in++; + out++; in++; numsep++; /* one separator seen */ for (stripped=0; strippedlink_save = get_pool_memory(PM_FNAME); } pm_strcpy(ff_pkt->fname_save, ff_pkt->fname); + if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { + pm_strcpy(ff_pkt->link_save, ff_pkt->link); + Dmsg2(500, "strcpy link_save=%d link=%d\n", strlen(ff_pkt->link_save), + strlen(ff_pkt->link)); + sm_check(__FILE__, __LINE__, true); + } /* * Strip path. If it doesn't succeed put it back. If * it does, and there is a different link string, * attempt to strip the link. If it fails, back them * both back. - * Don't strip symlinks. + * Do not strip symlinks. * I.e. if either stripping fails don't strip anything. */ - if (do_strip(ff_pkt->strip_path, ff_pkt->fname)) { - if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { - pm_strcpy(ff_pkt->link_save, ff_pkt->link); - if (!do_strip(ff_pkt->strip_path, ff_pkt->link)) { - strcpy(ff_pkt->link, ff_pkt->link_save); - strcpy(ff_pkt->fname, ff_pkt->fname_save); - } - } - } else { - strcpy(ff_pkt->fname, ff_pkt->fname_save); + if (!do_strip(ff_pkt->strip_path, ff_pkt->fname)) { + unstrip_path(ff_pkt); + goto rtn; } - Dmsg2(200, "fname=%s stripped=%s\n", ff_pkt->fname_save, ff_pkt->fname); + /* Strip links but not symlinks */ + if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { + if (!do_strip(ff_pkt->strip_path, ff_pkt->link)) { + unstrip_path(ff_pkt); + } + } + +rtn: + Dmsg3(100, "fname=%s stripped=%s link=%s\n", ff_pkt->fname_save, ff_pkt->fname, + ff_pkt->link); } static void unstrip_path(FF_PKT *ff_pkt) @@ -1172,6 +1184,11 @@ static void unstrip_path(FF_PKT *ff_pkt) } strcpy(ff_pkt->fname, ff_pkt->fname_save); if (ff_pkt->type != FT_LNK && ff_pkt->fname != ff_pkt->link) { + Dmsg2(500, "strcpy link=%s link_save=%s\n", ff_pkt->link, + ff_pkt->link_save); strcpy(ff_pkt->link, ff_pkt->link_save); + Dmsg2(500, "strcpy link=%d link_save=%d\n", strlen(ff_pkt->link), + strlen(ff_pkt->link_save)); + sm_check(__FILE__, __LINE__, true); } } diff --git a/bacula/src/findlib/makepath.c b/bacula/src/findlib/makepath.c index 87926a0055..1bf6b21db4 100644 --- a/bacula/src/findlib/makepath.c +++ b/bacula/src/findlib/makepath.c @@ -293,7 +293,7 @@ make_path( ) { /* Note, if we are restoring as NON-root, this may not be fatal */ berrno be; - Jmsg(jcr, M_ERROR, 0, _("Cannot change owner and/or group of %s: ERR=%s\n"), + Jmsg(jcr, M_WARNING, 0, _("Cannot change owner and/or group of %s: ERR=%s\n"), quote(dirpath), be.bstrerror()); } Dmsg0(300, "Chown done.\n"); diff --git a/bacula/src/qt-console/mainwin.cpp b/bacula/src/qt-console/mainwin.cpp index 244011655e..5ce2baf2d1 100644 --- a/bacula/src/qt-console/mainwin.cpp +++ b/bacula/src/qt-console/mainwin.cpp @@ -260,11 +260,6 @@ void MainWin::closeEvent(QCloseEvent *event) } } } - /* - * Close the console pages before non-console pages so that - * the notifier is turned off. Otherwise it prints an error when - * the page it is using gets destroyed. - */ foreach(Console *console, m_consoleHash){ console->writeSettings(); console->terminate(); diff --git a/bacula/src/version.h b/bacula/src/version.h index 444de95350..31ef0210e6 100644 --- a/bacula/src/version.h +++ b/bacula/src/version.h @@ -3,9 +3,9 @@ */ #undef VERSION -#define VERSION "2.2.10-b1" -#define BDATE "19 April 2008" -#define LSMDATE "19Apr08" +#define VERSION "2.2.10-b2" +#define BDATE "01 May 2008" +#define LSMDATE "01May08" #define PROG_COPYRIGHT "Copyright (C) %d-2008 Free Software Foundation Europe e.V.\n" #define BYEAR "2008" /* year for copyright messages in progs */ diff --git a/bacula/technotes-2.1 b/bacula/technotes-2.1 index ecffb41d9c..a378f7ba20 100644 --- a/bacula/technotes-2.1 +++ b/bacula/technotes-2.1 @@ -1,6 +1,11 @@ Technical notes on version 2.2 General: +01May08 +kes Fix strippath so that it does not get a buffer overrun and crash FD. + This fixes bug #1078. +kes Make inability to change owner/group when creating a dir only a + warning rather than an error. 28Apr08 ebl Fix SQL query in migration code 19Apr08 -- 2.39.2