Userspace utilities to manage btrfs filesystems
Go to file
Qu Wenruo 1a96fa0e6b btrfs-progs: check: Avoid reading beyond item boundary for dir_item and dir_index
When reading out name from inode_ref, it's possible that corrupted
name_len can lead to read beyond boundary of item or even extent buffer.

This happens when checking fuzzed image /tmp/bko-161811.raw, for both
lowmem mode and original mode.

Below is the example from lowmem mode.

ERROR: root 5 INODE REF[256 256] doesn't have related DIR_INDEX[256 216172782113783808] namelen 255 filename bar filetype 0
ERROR: root 5 INODE REF[256 256] doesn't have related DIR_ITEM[256 1306590535] namelen 255 filename bar filetype 0
WARNING: root 5 INODE[256] mode 0 shouldn't have DIR_INDEX[256 1167283096]
WARNING: root 5 DIR_ITEM[256 1167283096] name too long
==13013== Invalid read of size 1
==13013==    at 0x4C31A38: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13013==    by 0x431518: read_extent_buffer (extent_io.c:863)
==13013==    by 0x4752AB: check_dir_item (cmds-check.c:4627)
==13013==    by 0x475E5C: check_inode_item (cmds-check.c:4911)
==13013==    by 0x476200: check_fs_first_inode (cmds-check.c:5011)
==13013==    by 0x476276: check_fs_root_v2 (cmds-check.c:5044)
==13013==    by 0x4769FB: check_fs_roots_v2 (cmds-check.c:5242)
==13013==    by 0x488B5B: cmd_check (cmds-check.c:13033)
==13013==    by 0x40A8C5: main (btrfs.c:246)
==13013==  Address 0x5c95b80 is 0 bytes after a block of size 4,224 alloc'd
==13013==    at 0x4C2CF35: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13013==    by 0x4307E0: __alloc_extent_buffer (extent_io.c:538)
==13013==    by 0x430C37: alloc_extent_buffer (extent_io.c:642)
==13013==    by 0x413DFE: btrfs_find_create_tree_block (disk-io.c:193)
==13013==    by 0x414370: read_tree_block_fs_info (disk-io.c:340)
==13013==    by 0x40B5D5: read_tree_block (disk-io.h:125)
==13013==    by 0x40CFD2: read_node_slot (ctree.c:652)
==13013==    by 0x40E5EB: btrfs_search_slot (ctree.c:1172)
==13013==    by 0x4761A8: check_fs_first_inode (cmds-check.c:5001)
==13013==    by 0x476276: check_fs_root_v2 (cmds-check.c:5044)
==13013==    by 0x4769FB: check_fs_roots_v2 (cmds-check.c:5242)
==13013==    by 0x488B5B: cmd_check (cmds-check.c:13033)

Fix it by double checking dir_item, name_len against item boundary
before trying to read out name from extent buffer, for both original
mode and lowmem mode.

Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-05-15 16:13:17 +02:00
convert btrfs-progs: convert: Add missing return for HOLE mode when checking convert image 2017-03-31 14:17:48 +02:00
Documentation btrfs-progs: docs: update formatting and wording for btrfs(5) 2017-04-20 18:50:02 +02:00
image btrfs-progs: image: remove unused argument from copy_log_trees 2017-03-08 13:00:48 +01:00
kernel-lib btrfs-progs: Introduce kernel sizes to cleanup large intermediate number 2017-03-08 13:00:45 +01:00
kernel-shared btrfs-progs: shared: cleanup includes in ulist.c 2017-03-08 13:00:47 +01:00
m4
mkfs btrfs-progs: add missing limits headers 2017-03-16 17:02:44 +01:00
tests btrfs-progs: tests: add variable quotation to convert-tests 2017-05-15 16:13:17 +02:00
.gitignore btrfs-progs: tests: add fssum utility 2017-03-16 17:02:44 +01:00
.travis.yml btrfs-progs: run mkfs tests in CI 2016-12-14 15:06:35 +01:00
64-btrfs-dm.rules
Android.mk
androidcompat.h
autogen.sh
backref.c btrfs-progs: move ulist.[ch] to kernel-shared 2017-03-08 13:00:47 +01:00
backref.h btrfs-progs: move ulist.[ch] to kernel-shared 2017-03-08 13:00:47 +01:00
bcp
btrfs-calc-size.c btrfs-progs: deprecate standalone btrfs-calc-size 2016-11-24 13:06:36 +01:00
btrfs-completion
btrfs-corrupt-block.c btrfs-progs: corrupt-block: remove unused argument from corrupt_extent 2017-03-08 13:00:48 +01:00
btrfs-crc.c
btrfs-debug-tree.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
btrfs-debugfs
btrfs-find-root.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
btrfs-fragments.c btrfs-progs: use symbolic tree name when searching 2016-11-09 13:47:29 +01:00
btrfs-list.c btrfs-progs: subvol show: print more details about toplevel subvolume 2016-11-09 13:47:29 +01:00
btrfs-list.h btrfs-progs: subvol show: print more details about toplevel subvolume 2016-11-09 13:47:29 +01:00
btrfs-map-logical.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
btrfs-select-super.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
btrfs-show-super.c btrfs-progs: deprecate standalone btrfs-show-super 2016-11-24 13:06:36 +01:00
btrfs-zero-log.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
btrfs.c btrfs-progs: rework option parser to use getopt for global options 2017-03-31 19:40:57 +02:00
btrfsck.h
btrfstune.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
CHANGES btrfs-progs: update CHANGES for v4.10.2 2017-03-31 17:31:39 +02:00
chunk-recover.c btrfs-progs: remove unused argument from set_extent_dirty 2017-03-08 13:00:47 +01:00
cmds-balance.c btrfs-progs: balance: minor wording adjustment for full balance warning 2017-04-19 18:07:03 +02:00
cmds-check.c btrfs-progs: check: Avoid reading beyond item boundary for dir_item and dir_index 2017-05-15 16:13:17 +02:00
cmds-device.c btrfs-progs: remove unused argument from print_device_chunks 2017-03-08 13:00:48 +01:00
cmds-fi-du.c btrfs-progs: move fs features declarations to own header from utils 2017-03-08 13:00:45 +01:00
cmds-fi-du.h
cmds-fi-usage.c btrfs-progs: remove unused argument from print_device_chunks 2017-03-08 13:00:48 +01:00
cmds-fi-usage.h btrfs-progs: remove unused argument from print_device_chunks 2017-03-08 13:00:48 +01:00
cmds-filesystem.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-inspect-dump-super.c btrfs-progs: print-tree: add validation to print_chunk 2017-04-20 13:35:39 +02:00
cmds-inspect-dump-super.h
cmds-inspect-dump-tree.c btrfs-progs: dump-tree: Also output log root tree 2017-03-16 17:02:45 +01:00
cmds-inspect-dump-tree.h
cmds-inspect-tree-stats.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-inspect-tree-stats.h
cmds-inspect.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-property.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-qgroup.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-quota.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-receive.c btrfs-progs: fix btrfs send & receive with -e flag 2017-04-07 18:51:19 +02:00
cmds-replace.c btrfs-progs: move more mkfs declarations to the common header 2017-03-08 13:00:46 +01:00
cmds-rescue.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-restore.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-scrub.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-send.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
cmds-subvolume.c btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
commands.h btrfs-progs: move prefixcmp helper to utils 2017-03-08 13:00:47 +01:00
common-defs.h btrfs-progs: move some common definitions to own header 2017-03-08 13:00:45 +01:00
configure.ac btrfs-progs: build: split makefile to generated and stable parts 2017-03-08 13:00:46 +01:00
COPYING
ctree.c btrfs-progs: remove unused function wait_on_tree_block_writeback 2017-03-08 13:00:47 +01:00
ctree.h btrfs-progs: library: distribute sizes.h, fix build 2017-03-16 17:02:44 +01:00
dir-item.c btrfs-progs: drop unused argument from btrfs_extend_item 2017-03-08 13:00:47 +01:00
dir-test.c
disk-io.c btrfs-progs: tests: Fix fuzz-test for bko-161821.raw.txt 2017-05-02 16:29:38 +02:00
disk-io.h btrfs-progs: remove unused function wait_on_tree_block_writeback 2017-03-08 13:00:47 +01:00
extent_io.c btrfs-progs: remove unused argument from clear_extent_dirty 2017-03-08 13:00:47 +01:00
extent_io.h btrfs-progs: remove unused argument from clear_extent_dirty 2017-03-08 13:00:47 +01:00
extent-cache.c
extent-cache.h
extent-tree.c btrfs-progs: Fix memory leak when 0 sized block group item is found 2017-05-02 16:13:37 +02:00
file-item.c btrfs-progs: remove unused argument from btrfs_csum_data 2017-03-08 13:00:47 +01:00
file.c btrfs-progs: convert: Rework rollback 2017-03-16 17:02:44 +01:00
find-root.c
find-root.h
free-space-cache.c btrfs-progs: Introduce kernel sizes to cleanup large intermediate number 2017-03-08 13:00:45 +01:00
free-space-cache.h btrfs-progs: check: add support to clear v1 free space cache 2016-11-09 13:12:47 +01:00
free-space-tree.c btrfs-progs: add btrfs_clear_free_space_tree() from the kernel 2016-11-23 11:07:05 +01:00
free-space-tree.h btrfs-progs: add btrfs_clear_free_space_tree() from the kernel 2016-11-23 11:07:05 +01:00
fsck.btrfs
fsfeatures.c btrfs-progs: move fs features implementation to own file 2017-03-08 13:00:45 +01:00
fsfeatures.h btrfs-progs: move fs features declarations to own header from utils 2017-03-08 13:00:45 +01:00
hash.h btrfs-progs: move btrfs_extref_hash() to hash.h 2016-10-25 14:28:36 +02:00
hasher.c
help.c btrfs-progs: move prefixcmp helper to utils 2017-03-08 13:00:47 +01:00
help.h btrfs-progs: move help defines to own header 2017-03-08 13:00:45 +01:00
inode-item.c btrfs-progs: remove unused argument from btrfs_lookup_inode_ref 2017-03-08 13:00:47 +01:00
inode-map.c
inode.c btrfs-progs: remove unused argument from btrfs_lookup_inode_ref 2017-03-08 13:00:47 +01:00
INSTALL btrfs-progs: Update README and other docs 2016-11-23 11:07:05 +01:00
internal.h
ioctl-test.c
ioctl.h btrfs-progs: ioctl: fix compilation if ioctl.h is included standalone 2016-11-23 10:49:33 +01:00
kerncompat.h btrfs-progs: kerncompat: Fix re-definition of __bitwise 2017-03-16 17:40:35 +01:00
library-test.c btrfs-progs: library-test: add all exported headers 2017-03-31 14:17:48 +02:00
Makefile btrfs-progs: fix missing __error symbol in libbtrfs.so.0 2017-03-31 14:17:48 +02:00
Makefile.extrawarn
Makefile.inc.in btrfs-progs: build: split makefile to generated and stable parts 2017-03-08 13:00:46 +01:00
messages.c btrfs-progs: add prefix to message helpers 2017-03-31 14:17:48 +02:00
messages.h btrfs-progs: add prefix to message helpers 2017-03-31 14:17:48 +02:00
print-tree.c btrfs-progs: print-tree: add validation to print_chunk 2017-04-20 13:35:39 +02:00
print-tree.h
props.c
props.h
qgroup-verify.c btrfs-progs: move ulist.[ch] to kernel-shared 2017-03-08 13:00:47 +01:00
qgroup-verify.h
qgroup.c btrfs-progs: qgroup show: refine error messages 2017-01-25 09:47:58 +01:00
qgroup.h btrfs-progs: remove unused function btrfs_get_path_rootid 2016-11-09 13:47:28 +01:00
quick-test.c
raid56.c btrfs-progs: raid56: Introduce new function to calculate raid5 parity or data stripe 2016-12-14 15:06:33 +01:00
random-test.c
rbtree-utils.c
rbtree-utils.h
README.md btrfs-progs: README: sort bug reports means by preference 2017-04-07 18:33:11 +02:00
repair.c
repair.h
root-tree.c btrfs-progs: Use more strict check to read out tree root 2017-05-02 16:33:04 +02:00
send-dump.c btrfs-progs: send: always print a space after path in dump 2017-04-19 19:33:43 +02:00
send-dump.h btrfs-progs: introduce new send-dump object 2016-12-14 15:06:34 +01:00
send-stream.c btrfs-progs: fix btrfs send & receive with -e flag 2017-04-07 18:51:19 +02:00
send-stream.h
send-utils.c btrfs-progs: handle failed strdup in subvol_uuid_search2 2016-12-14 15:06:36 +01:00
send-utils.h btrfs-progs: fixup API after change in subvol_uuid_search 2016-12-14 15:06:36 +01:00
send.h btrfs-progs: Introduce kernel sizes to cleanup large intermediate number 2017-03-08 13:00:45 +01:00
show-blocks
string-table.c
string-table.h
super-recover.c
task-utils.c
task-utils.h
transaction.h btrfs-progs: opencode trivial helper btrfs_free_transaction 2017-03-08 13:00:47 +01:00
utils-lib.c btrfs-progs: move lookup_path_rootid to library utils 2016-11-24 13:06:36 +01:00
utils.c btrfs-progs: move prefixcmp helper to utils 2017-03-08 13:00:47 +01:00
utils.h btrfs-progs: move prefixcmp helper to utils 2017-03-08 13:00:47 +01:00
uuid-tree.c
version.h.in
version.sh Btrfs progs v4.10.2 2017-03-31 17:32:04 +02:00
volumes.c btrfs-progs: report I/O errors when closing the filesystem 2017-03-08 13:36:49 +01:00
volumes.h btrfs-progs: remove unused argument from btrfs_add_system_chunk 2017-03-08 13:00:47 +01:00

Btrfs-progs build status coverity status

Userspace utilities to manage btrfs filesystems. License: GPLv2.

Btrfs is a copy on write (COW) filesystem for Linux aimed at implementing advanced features while focusing on fault tolerance, repair and easy administration.

This repository hosts following utilities:

  • btrfs — the main administration tool (manual page)
  • mkfs.btrfs — utility to create the filesystem (manual page)

See INSTALL for build instructions and tests/README.md for testing information.

Release cycle

The major version releases are time-based and follow the cycle of the linux kernel releases. The cycle usually takes 2 months. A minor version releases may happen in the meantime if there are bug fixes or minor useful improvements queued.

The release tags are signed with a GPG key ID F2B4 1200 C54E FB30 380C 1756 C565 D5F9 D76D 583B, release tarballs are hosted at kernel.org. See file CHANGES or changelogs on wiki.

Reporting bugs

There are several ways, each has its own specifics and audience that can give feedback or work on a fix. The following list is sorted in the order of preference:

  • github issue tracker
  • to the mailing list linux-btrfs@vger.kernel.org -- (not required to subscribe), beware that the mail might get overlooked in other traffic
  • IRC (irc.freenode.net #btrfs) -- good for discussions eg. if a bug is already known, but reports could miss developers' attention
  • bugzilla.kernel.org -- (requires registration), set the product to Filesystems and component Btrfs, please put 'btrfs-progs' into the subject so it's clear that it's not a kernel bug report

Development

The patch submissions, development or general discussions take place at linux-btrfs@vger.kernel.org mailinglist, subsciption is not required to post.

The GitHub pull requests will not be accepted directly, the preferred way is to send patches to the mailinglist instead. You can link to a branch in any git repository if the mails do not make it to the mailinglist or just for convenience (makes it easier to test).

The development model of btrfs-progs shares a lot with the kernel model. The github way is different in some ways. We, the upstream community, expect that the patches meet some criteria (often lacking in github contributions):

  • one logical change per patch: eg. not mixing bugfixes, cleanups, features etc., sometimes it's not clear and will be usually pointed out during reviews
  • proper subject line: eg. prefix with btrfs-progs: subpart, ... , descriptive yet not too long, see git log --oneline for some inspiration
  • proper changelog: the changelogs are often missing or lacking explanation why the change was made, or how is something broken, what are user-visible effects of the bug or the fix, how does an improvement help or the intended usecase
  • the Signed-off-by line: this documents who authored the change, you can read more about the The Developer's Certificate of Origin here (chapter 11)

Documentation updates

Documentation fixes or updates do not need much explanation so sticking to the code rules in the previous section is not necessary. Github pull requests are OK, patches could be sent to me directly and not required to be also in the mailinglist. Pointing out typos via IRC also works, although might get accidentally lost in the noise.

References