Package: squashfs-tools
Version: 1:3.3-1
Severity: grave
Justification: causes non-serious data loss

*** Please type your report below this line ***

While testing the squashfs 1:3.3-1 package in a live CD environment 
(~2.1 GB uncompressed, ~703 MB compressed), it became apparent that the 
lzma patches appear to be used (correct "shsq" (lzma, [1]), respectively 
"hsqs" for zlib [2], headers, but exactly the same squashed image size for 
lzma and zlib "-nolzma" (identical file size up to the last byte).

Even worse than this, the resulting squashfs image as read by the squashfs 
kernel module [3] shows serious signs of data corruption, which is exposed 
by file content mapped to wrong file names (files in var/lib/dpkg/info/ 
duplicated the content of other files from usr/bin/ and elsewhere) or were 
completely unreadable (copying them with data errors) - the actually 
affected files seem to be random.

These bugs have been confirmed on several amd64 and i386 systems with 
vanilla debian squashfs-tools 1:3.3-1 and custom packages with the patch 
suggested in #455589 (and even upstream commits r1.48 and r1.49 of 
mksquashfs.c in addition) applied. 

Removing the newly added lzma patches from squashfs altogether fixes these
bugs (see attached debdiff "squashfs_remove-lzma-patches.diff" and [4]) and
results in valid zlib compressed squashfs images (confirmed on various 
amd64 and i386 systems).

Regards
        Stefan Lippers-Hollmann

[1]     mksquashfs . /PATH/TO/TARGET,sqashfs -ef /PATH/TO/EXCLUDE_FILE
[2]     mksquashfs . /PATH/TO/TARGET,sqashfs -ef /PATH/TO/EXCLUDE_FILE -nolzma
[3]     squashfs mount options: loop,ro
[4]     
http://sidux.com/debian/pool/fix.main/s/squashfs/squashfs_3.3-1+c0.sidux.4.dsc

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24-rc5-git3-slh64-smp-1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages squashfs-tools depends on:
ii  libc6                   2.7-4            GNU C Library: Shared libraries
ii  zlib1g                  1:1.2.3.3.dfsg-7 compression library - runtime

squashfs-tools recommends no packages.

-- no debconf information
diff -u squashfs-3.3/debian/control.modules.in squashfs-3.3/debian/control.modules.in
--- squashfs-3.3/debian/control.modules.in
+++ squashfs-3.3/debian/control.modules.in
@@ -12,7 +12,7 @@
 Package: squashfs-modules-_KVERS_
 Architecture: any
 Provides: squashfs-modules
-Depends: linux-modules-_KVERS_ | linux-image-_KVERS_, lzma-modules-_KVERS_
+Depends: linux-modules-_KVERS_ | linux-image-_KVERS_
 Description: Squash filesystem support for Debian Linux kernels
  Squashfs is a highly compressed read-only filesystem for Linux. It uses zlib
  compression to compress both files, inodes and directories. Inodes in the
diff -u squashfs-3.3/debian/patches/series squashfs-3.3/debian/patches/series
--- squashfs-3.3/debian/patches/series
+++ squashfs-3.3/debian/patches/series
@@ -1,8 +1,6 @@
-00-sqlzma-tools.patch
-00-sqlzma-tools-fix-sqmagic-path.patch
-00-sqlzma-tools-header-sqmagic.patch
-00-sqlzma-kernel.patch
-00-sqlzma-kernel-cleanup.patch
+00_r1.47_fix-segv-and-mksquashfs-hang.patch
+00_r1.48_fix-dangling-symbolic-links.patch
+00_r1.49_fix-progress-bar-for-hardlinked-files.patch
 01-kernel-compat.patch
 01-kernel-fix-includes.patch
 01-kernel-fix-makefile.patch
diff -u squashfs-3.3/debian/patches/01-kernel-fix-includes.patch squashfs-3.3/debian/patches/01-kernel-fix-includes.patch
--- squashfs-3.3/debian/patches/01-kernel-fix-includes.patch
+++ squashfs-3.3/debian/patches/01-kernel-fix-includes.patch
@@ -1,7 +1,7 @@
-Index: squashfs/linux-2.6/inode.c
+Index: squashfs-3.3/linux-2.6/inode.c
 ===================================================================
---- squashfs.orig/linux-2.6/inode.c	2007-12-08 23:31:29.000000000 +0000
-+++ squashfs/linux-2.6/inode.c	2007-12-08 23:32:04.000000000 +0000
+--- squashfs-3.3.orig/linux-2.6/inode.c	2007-12-14 01:07:56.000000000 +0100
++++ squashfs-3.3/linux-2.6/inode.c	2007-12-14 01:08:33.000000000 +0100
 @@ -21,12 +21,12 @@
   * inode.c
   */
@@ -18,10 +18,10 @@
  #include <linux/buffer_head.h>
  #include <linux/vfs.h>
  #include <linux/vmalloc.h>
-Index: squashfs/linux-2.6/squashfs2_0.c
+Index: squashfs-3.3/linux-2.6/squashfs2_0.c
 ===================================================================
---- squashfs.orig/linux-2.6/squashfs2_0.c	2007-12-08 23:32:59.000000000 +0000
-+++ squashfs/linux-2.6/squashfs2_0.c	2007-12-08 23:33:11.000000000 +0000
+--- squashfs-3.3.orig/linux-2.6/squashfs2_0.c	2007-12-14 01:07:51.000000000 +0100
++++ squashfs-3.3/linux-2.6/squashfs2_0.c	2007-12-14 01:08:33.000000000 +0100
 @@ -21,12 +21,12 @@
   * squashfs2_0.c
   */
@@ -41,13 +41,13 @@
-Index: squashfs/linux-2.6/squashfs_fs_sb.h
+Index: squashfs-3.3/linux-2.6/squashfs_fs_sb.h
 ===================================================================
---- squashfs.orig/linux-2.6/squashfs_fs_sb.h	2007-12-09 00:19:24.000000000 +0000
-+++ squashfs/linux-2.6/squashfs_fs_sb.h	2007-12-09 00:19:29.000000000 +0000
+--- squashfs-3.3.orig/linux-2.6/squashfs_fs_sb.h	2007-12-14 01:07:51.000000000 +0100
++++ squashfs-3.3/linux-2.6/squashfs_fs_sb.h	2007-12-14 01:09:07.000000000 +0100
 @@ -23,7 +23,7 @@
   * squashfs_fs_sb.h
   */
  
 -#include <linux/squashfs_fs.h>
 +#include "squashfs_fs.h"
- #include "sqlzma.h"
  
  struct squashfs_cache {
+ 	long long	block;
diff -u squashfs-3.3/debian/rules squashfs-3.3/debian/rules
--- squashfs-3.3/debian/rules
+++ squashfs-3.3/debian/rules
@@ -51,7 +51,7 @@
 SNAME    = squashfs
 PSOURCE  = $(SNAME)-source
 MNAME    = $(SNAME)-modules
-LZMA_H	 = $(DEB_STOOLS)/sqmagic.h
+#LZMA_H	 = $(DEB_STOOLS)/sqmagic.h
 
 pre-build::
 	# Create the 'linux-2.6' directory using last patch of squashfs, it is
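Review bot: The `LZMA_H` assignment is commented out rather than deleted, so any `$(LZMA_H)` reference further down in debian/rules (not visible in this hunk) would now expand to an empty string without any error. Since the lzma patches are dropped from the series, it would be cleaner to remove the line outright and check the rest of the file for remaining `$(LZMA_H)` or `sqmagic.h` uses. The `pre-build::` rule continues outside the hunk.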
only in patch2:
unchanged:
--- squashfs-3.3.orig/debian/patches/00_r1.49_fix-progress-bar-for-hardlinked-files.patch
+++ squashfs-3.3/debian/patches/00_r1.49_fix-progress-bar-for-hardlinked-files.patch
@@ -0,0 +1,23 @@
+--- a/squashfs-tools/mksquashfs.c	2007/11/30 04:16:05	1.48
++++ b/squashfs-tools/mksquashfs.c	2007/12/05 02:15:10	1.49
+@@ -2342,6 +2342,10 @@
+ 	inode->read = FALSE;
+ 	inode->inode = SQUASHFS_INVALID_BLK;
+ 	inode->nlink = 1;
++
++	if((buf->st_mode & S_IFMT) == S_IFREG)
++		estimated_uncompressed += (buf->st_size + block_size - 1) >> block_log;
++
+ 	if((buf->st_mode & S_IFMT) == S_IFDIR)
+ 		inode->inode_number = dir_inode_no ++;
+ 	else
+@@ -2613,9 +2617,6 @@
+ 				continue;
+ 		}
+ 
+-		if((buf.st_mode & S_IFMT) == S_IFREG)
+-			estimated_uncompressed += (buf.st_size + block_size - 1) >> block_log;
+-
+ 		if((buf.st_mode & S_IFMT) == S_IFDIR) {
+ 			if((sub_dir = dir_scan1(filename, new, scan1_readdir)) == NULL)
+ 				continue;
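Review bot: The block accounting added after `inode->nlink = 1;` carries no comment explaining why it now sits at inode creation instead of in the directory scan loop it is removed from at -2613. Going by the patch name, the intent appears to be counting a hard-linked file's blocks once per inode instead of once per directory entry. A comment such as `/* count blocks once per inode so hard links do not inflate the progress total */` would stop it being moved back. Both enclosing functions start and end outside the hunk.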
only in patch2:
unchanged:
--- squashfs-3.3.orig/debian/patches/00_r1.48_fix-dangling-symbolic-links.patch
+++ squashfs-3.3/debian/patches/00_r1.48_fix-dangling-symbolic-links.patch
@@ -0,0 +1,11 @@
+--- a/squashfs-tools/mksquashfs.c	2007/11/26 02:16:45	1.47
++++ b/squashfs-tools/mksquashfs.c	2007/11/30 04:16:05	1.48
+@@ -3499,7 +3499,7 @@
+ 		s_minor = SQUASHFS_MINOR;
+ 
+         for(i = 0; i < source; i++)
+-                if(stat(source_path[i], &source_buf) == -1) {
++                if(lstat(source_path[i], &source_buf) == -1) {
+                         fprintf(stderr, "Cannot stat source directory \"%s\" because %s\n", source_path[i], strerror(errno));
+                         EXIT_MKSQUASHFS();
+                 }
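Review bot: With `lstat` in the source-path loop, a source argument that is itself a symbolic link is now described by the link rather than its target, but the error text still says "Cannot stat source directory". How `source_buf` is used afterwards lies outside the hunk, so it is worth confirming that a symlinked source directory is handled as intended. A comment such as `/* lstat: do not follow links, so dangling symlinks are accepted as sources */` would record the reason, and the message could read `"Cannot stat source \"%s\" because %s\n"` to match.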
only in patch2:
unchanged:
--- squashfs-3.3.orig/debian/patches/00_r1.47_fix-segv-and-mksquashfs-hang.patch
+++ squashfs-3.3/debian/patches/00_r1.47_fix-segv-and-mksquashfs-hang.patch
@@ -0,0 +1,39 @@
+--- a/squashfs-tools/mksquashfs.c	2007/11/14 10:54:45	1.46
++++ b/squashfs-tools/mksquashfs.c	2007/11/26 02:16:45	1.47
+@@ -1578,7 +1578,7 @@
+ 			char *buffer;
+ 			int block;
+ 
+-			if(memcmp(*block_list, dupl_ptr->block_list, blocks) != 0)
++			if(memcmp(*block_list, dupl_ptr->block_list, blocks * sizeof(unsigned int)) != 0)
+ 				continue;
+ 
+ 			if(checksum_flag == FALSE) {
+@@ -2153,6 +2153,8 @@
+ 		}
+ 
+ 		block_list[block] = read_buffer->c_byte;
++		buffer_list[block].start = bytes;
++		buffer_list[block].size = read_buffer->size;
+ 
+ 		if(read_buffer->c_byte) {
+ 			read_buffer->block = bytes;
+@@ -2167,8 +2169,6 @@
+ 			buffer_list[block].read_buffer = NULL;
+ 			alloc_free(read_buffer);
+ 		}
+-		buffer_list[block].start = read_buffer->block;
+-		buffer_list[block].size = read_buffer->size;
+ 		progress_bar(++cur_uncompressed, estimated_uncompressed, columns);
+ 	}
+ 
+@@ -2188,7 +2188,8 @@
+ 	if(dupl_ptr) {
+ 		*duplicate_file = FALSE;
+ 		for(block = thresh; block < blocks; block ++)
+-			queue_put(to_writer, buffer_list[block].read_buffer);
++			if(buffer_list[block].read_buffer)
++				queue_put(to_writer, buffer_list[block].read_buffer);
+ 		fragment = get_and_fill_fragment(read_buffer);
+ 		dupl_ptr->fragment = fragment;
+ 	} else {
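Review bot: The corrected `memcmp` length at -1578 hard-codes the element type as `sizeof(unsigned int)`, so a later change to the block list's type would silently bring back a short comparison. A short comparison here lets files with differing block lists pass the duplicate check. Tying the size to the array itself avoids that: `if(memcmp(*block_list, dupl_ptr->block_list, blocks * sizeof(**block_list)) != 0)`, assuming both lists share the element type. Separately, the new `if(buffer_list[block].read_buffer)` guard at -2188 sits unbraced inside an unbraced `for`; braces on both would make the nesting explicit. All of the enclosing functions start and end outside the hunks shown.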
