Bug 143196 - GRUB crash on XFS access
Summary: GRUB crash on XFS access
Status: VERIFIED FIXED
Alias: None
Product: SUSE LINUX 10.0
Classification: openSUSE
Component: Basesystem (show other bugs)
Version: RC 4
Hardware: All All
: P5 - None : Major
Target Milestone: ---
Assignee: Dr. Werner Fink
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-01-13 19:35 UTC by Jan Engelhardt
Modified: 2006-07-15 09:28 UTC (History)
0 users

See Also:
Found By: Beta-Customer
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jan Engelhardt 2006-01-13 19:35:20 UTC 
Reproduce (I hope):
# cat /dev/zero >/dev/hda2 # to be safe
# mkfs.xfs /dev/hda2
# echo "cat (hd0,1)/" | grub --batch
Segmentation fault

Cause:
Note the following liens in grub-0.96/stage2/fsys_xfs.c:
337: static char *usual[2] = {".", ".."};
339: char *name = usual[0];
405: name[namelen] = 0;

In case icore.di_format is XFS_DINODE_FMT_LOCAL, this means we write to a read-only string. The following change in the GRUB CVS looks good to fix it:
http://cvs.savannah.gnu.org/viewcvs/grub/stage2/fsys_xfs.c?r1=1.4&r2=1.5&root=grub

2005-05-08  Yoshinori K. Okuji  <okuji@enbug.org>

  * stage2/fsys_xfs.c (next_dentry): Use arrays of arrays instead of
  arrays of pointers for USUAL, to avoid read-only strings. Reported
  by Sven Wegener <swegener@gentoo.org>.

Confirmed: No crash in GRUB 0.97.
Comment 1 Jan Engelhardt 2006-01-13 19:36:00 UTC 
So this one was for the record only. (Supposedly had not been reported before.)
Comment 2 Jan Engelhardt 2006-01-13 19:37:54 UTC 
I suppose the grub-0.96 on the rescue image does not get fixed for 10.0?
Comment 3 Jan Engelhardt 2006-07-15 09:28:07 UTC 
All set.