[Parted-maintainers] Bug#744318: gnu-fdisk: Reproducible crash in query_part_position() when creating partitions
Sami Liedes
sami.liedes at iki.fi
Sat Apr 12 21:22:15 UTC 2014
Package: gnu-fdisk
Version: 1.2.5-2
Severity: important
The following procedure reproducibly segfaults cfdisk for me:
1. cfdisk /dev/sdd
* note: /dev/sdd is a 3 TB disk with no partition table
2. When prompted on whether to create partition table, choose Create
3. Choose msdos disk label type
4. Choose New->Primary->Begining (yes, there's a typo there)
5. Enter 15GB for the new partition size, ext4 for type
6. In the free space, choose New->Primary->End, 1TB, ext4
Now the disk looks as follows:
------------------------------------------------------------
Number  Flags  Part Type  Filesystem  Label  Size
1              Primary    ext4               15003MB
               Pri/Ext    Free space         1985591MB
2              Primary    ext4               999997MB
------------------------------------------------------------
7. In the "Free space" area, choose New->Extended->Begining
8. Press Enter to accept the offered size of 1985591MB
Expected result:
9. cfdisk does not crash, proceeds to create the partition
Actual result:
9. cfdisk segfaults in query_part_position()
Here's a GDB log that indicates the problem is in the variable "range"
being NULL. Note that to reproduce this, you need to compile gnu-fdisk
with debug symbols, for which you will first need to fix it to build
(#741767; I'll send a patch for that).
------------------------------------------------------------
Program received signal SIGSEGV, Segmentation fault.
query_part_position (prompt=0x412a78 "Where do you want to put the partition", context=0x618ac0 <part_position.6684>, pos=0x7fffffffe490, first=29302560, last=3907409624, dev=0x61b150, constraint=0x0,
opts=0x7fffffffe470) at common.c:817
817 fuzzify(pos->start.range, dev, NULL,
(gdb) bt
#0 query_part_position (prompt=0x412a78 "Where do you want to put the partition", context=0x618ac0 <part_position.6684>, pos=0x7fffffffe490, first=29302560, last=3907409624, dev=0x61b150, constraint=0x0,
opts=0x7fffffffe470) at common.c:817
#1 0x0000000000406490 in do_new (c=0x66c640, part=0x7fffffffe568) at cfdisk.c:1160
#2 0x00000000004096a1 in main_plist (c=0x66c640, part=0x7fffffffe568, key=110) at cfdisk.c:2144
#3 0x0000000000409b76 in do_plist (c=0x66c640, part=0x0, have=PED_PARTITION_NORMAL, havent=PED_PARTITION_NORMAL) at cfdisk.c:2325
#4 0x000000000040a803 in do_ui (devname=0x7fffffffe925 "/dev/sdd", dev=0x61b150) at cfdisk.c:2534
#5 0x000000000040abd5 in main (argc=2, argv=0x7fffffffe6e8) at cfdisk.c:2637
(gdb) l
812 /* If UI_SNAP_TO_START isn't true, add fuzz to the
813 * start, otherwise don't.
814 */
815 pos->start.range = ped_geometry_new(dev, pos->start.sector, 1);
816 if (!(*opts & UI_SNAP_TO_START))
817 fuzzify(pos->start.range, dev, NULL,
818 range->length, range->length);
819
820 /* Desired: end = start+length-1LL */
821 pos->end.sector = length;
(gdb) print pos
$1 = (PartPos *) 0x7fffffffe490
(gdb) print dev
$2 = (PedDevice *) 0x61b150
(gdb) print range
$3 = (PedGeometry *) 0x0
(gdb)
------------------------------------------------------------
Sami
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14.0 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages gnu-fdisk depends on:
ii dpkg 1.17.6
ii install-info 5.2.0.dfsg.1-2
ii libc6 2.18-4
ii libncurses5 5.9+20140118-1
ii libparted0debian1 2.3-19
ii libreadline6 6.3-6
ii libtinfo5 5.9+20140118-1
ii libuuid1 2.20.1-5.7
gnu-fdisk recommends no packages.
gnu-fdisk suggests no packages.
-- no debconf information
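A stand-alone reduction of the crash shape in the GDB listing, added as an example and not code from gnu-fdisk or libparted: the frame-0 call arrives with constraint=0x0, the function allocates a fresh geometry into pos->start.range, and then reads range->length from a separate local that is NULL. The struct names, geometry_new(), fuzzify() and the PartPos layout below are simplified stand-ins for the libparted and gnu-fdisk types of the same name, the 3 TB device size is a constructed figure, and the hardened variant (treat a missing range as "no fuzz") is one possible guard I chose for illustration, not the fix the maintainers adopted.

```c
/* Added example, not gnu-fdisk/libparted code: types and helpers are stand-ins. */
#include <stdlib.h>
#include <string.h>

typedef long long PedSector;

typedef struct { PedSector length; } PedDevice;            /* stand-in for PedDevice */

typedef struct {                                           /* stand-in for PedGeometry */
    PedDevice *dev;
    PedSector start, length, end;
} PedGeometry;

typedef struct {
    PedSector sector;
    PedGeometry *range;        /* fuzz window around the requested sector */
} PartEdge;

typedef struct { PartEdge start, end; } PartPos;           /* mirrors the pos->start.range use */

#define UI_SNAP_TO_START 0x1

/* Stand-in for ped_geometry_new(): `length` sectors from `start`, or NULL if off-device. */
static PedGeometry *geometry_new(PedDevice *dev, PedSector start, PedSector length)
{
    if (!dev || start < 0 || length <= 0 || start + length > dev->length)
        return NULL;
    PedGeometry *g = malloc(sizeof *g);
    if (!g) return NULL;
    g->dev = dev; g->start = start; g->length = length; g->end = start + length - 1;
    return g;
}

/* Stand-in for fuzzify(): widen `g` by `before`/`after` sectors, clamped to the device. */
static void fuzzify(PedGeometry *g, PedDevice *dev, PedSector before, PedSector after)
{
    PedSector s = g->start - before, e = g->end + after;
    if (s < 0) s = 0;
    if (e > dev->length - 1) e = dev->length - 1;
    g->start = s; g->end = e; g->length = e - s + 1;
}

/* Same shape as common.c:815-818: the new geometry goes into pos->start.range,
 * but the fuzz amount is read from the unrelated local `range`.  Instead of
 * segfaulting, this version reports -1 at the exact point cfdisk crashed. */
static int start_range_buggy(PartPos *pos, PedDevice *dev, PedGeometry *range, unsigned opts)
{
    pos->start.range = geometry_new(dev, pos->start.sector, 1);
    if (!pos->start.range) return -1;
    if (!(opts & UI_SNAP_TO_START)) {
        if (!range) return -1;                 /* range == 0x0 here, as in the GDB session */
        fuzzify(pos->start.range, dev, range->length, range->length);
    }
    return 0;
}

/* Hardened variant (my assumption, not the maintainers' fix): no range, no fuzz. */
static int start_range_hardened(PartPos *pos, PedDevice *dev, PedGeometry *range, unsigned opts)
{
    pos->start.range = geometry_new(dev, pos->start.sector, 1);
    if (!pos->start.range) return -1;
    if (!(opts & UI_SNAP_TO_START)) {
        PedSector fuzz = range ? range->length : 0;
        fuzzify(pos->start.range, dev, fuzz, fuzz);
    }
    return 0;
}

/* Drive either variant with the frame-0 values: constraint=0x0, first=29302560.
 * 5860533168 sectors is a constructed size for a 3 TB disk with 512-byte sectors. */
static int run_case(int hardened)
{
    PedDevice dev = { .length = 5860533168LL };
    PartPos pos; memset(&pos, 0, sizeof pos);
    pos.start.sector = 29302560LL;
    int rc = hardened ? start_range_hardened(&pos, &dev, NULL, 0)
                      : start_range_buggy(&pos, &dev, NULL, 0);
    free(pos.start.range);
    return rc;
}

/* With a real range of `fuzz` sectors, the start window should grow to 2*fuzz+1. */
static long long hardened_range_length(PedSector fuzz)
{
    PedDevice dev = { .length = 5860533168LL };
    PedGeometry *range = geometry_new(&dev, 0, fuzz);  /* a caller-supplied constraint range */
    PartPos pos; memset(&pos, 0, sizeof pos);
    pos.start.sector = 29302560LL;
    long long len = -1;
    if (range && start_range_hardened(&pos, &dev, range, 0) == 0)
        len = pos.start.range->length;
    free(pos.start.range); free(range);
    return len;
}
```

run_case(0) hits the NULL `range` and returns -1 where cfdisk segfaulted; run_case(1) completes, and hardened_range_length(2048) shows the fuzz still applied (4097 sectors) when a range is actually supplied.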