View Issue Details

IDProjectCategoryView StatusLast Update
0000688bareos-corefile daemonpublic2019-12-18 15:25
Reportersobolev Assigned Tomvwieringen  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
PlatformLinux x86OSOpenSUSEOS Version13.1
Product Version14.2.7 
Fixed in Version15.2.5 
Summary0000688: "select files by size" feature - ssize_t type overflow on Linux x86
DescriptionInteger overflow in src/findlib/find_one.c:check_size_matching(JCR *jcr, FF_PKT *ff_pkt)
ssize_t in 32-bit linux is int_32
Patch attached.
Steps To Reproduce1. Install bareos-filedaemon on 32-bit linux client (OpenSUSE 13.1)
2. Create 3 test files on client
# ls -lh
total 3.6G
-rw-r--r-- 1 root root 100M Aug 12 15:47 test100
-rw-r--r-- 1 root root 3.0G Aug 12 15:57 test3000
-rw-r--r-- 1 root root 500M Aug 12 15:48 test500
3. Create test fileset
FileSet {
    Name = "Test"
    Include {
        Options {
            size = <200Mb
        }
        File = /home
    }
}
4. Run backup job

Result:
test100 and test3000 backed up.
test500 doesn't.
TagsNo tags attached.

Activities

sobolev

sobolev

2016-08-12 17:55

reporter  

bareos-size-option.patch (1,504 bytes)   
diff -urN bareos.orig/src/findlib/find_one.c bareos/src/findlib/find_one.c
--- bareos.orig/src/findlib/find_one.c	2016-08-09 19:39:21.000000000 +0300
+++ bareos/src/findlib/find_one.c	2016-08-12 17:40:05.181524759 +0300
@@ -217,7 +217,7 @@
  */
 static inline bool check_size_matching(JCR *jcr, FF_PKT *ff_pkt)
 {
-   ssize_t begin_size, end_size, difference;
+   int64_t begin_size, end_size, difference;
 
    /*
     * See if size matching is turned on.
@@ -242,7 +242,7 @@
       /*
        * Calculate the fraction this size is of the wanted size.
        */
-      if ((ssize_t)ff_pkt->statp.st_size > begin_size) {
+      if ((int64_t)ff_pkt->statp.st_size > begin_size) {
          difference = ff_pkt->statp.st_size - begin_size;
       } else {
          difference = begin_size - ff_pkt->statp.st_size;
@@ -253,12 +253,12 @@
        */
       return (difference < (begin_size / 100));
    case size_match_smaller:
-      return (ssize_t)ff_pkt->statp.st_size < begin_size;
+      return (int64_t)ff_pkt->statp.st_size < begin_size;
    case size_match_greater:
-      return (ssize_t)ff_pkt->statp.st_size > begin_size;
+      return (int64_t)ff_pkt->statp.st_size > begin_size;
    case size_match_range:
-      return ((ssize_t)ff_pkt->statp.st_size >= begin_size) &&
-             ((ssize_t)ff_pkt->statp.st_size <= end_size);
+      return ((int64_t)ff_pkt->statp.st_size >= begin_size) &&
+             ((int64_t)ff_pkt->statp.st_size <= end_size);
    default:
       return true;
    }
bareos-size-option.patch (1,504 bytes)   

Related Changesets

bareos: bareos-15.2 df4a2475

2016-08-12 21:10

sobolev_es


Committer: mvwieringen

Ported: N/A

Details Diff
select files by size feature - ssize_t overflow for 32 bits

Integer overflow in src/findlib/find_one.c:check_size_matching()
ssize_t in 32-bit linux is int_32.

Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
Affected Issues
0000688
mod - src/findlib/find_one.c Diff File

Issue History

Date Modified Username Field Change
2016-08-12 17:55 sobolev New Issue
2016-08-12 17:55 sobolev File Added: bareos-size-option.patch
2016-08-12 19:12 mvwieringen Status new => confirmed
2016-08-20 09:20 mvwieringen Changeset attached => bareos bareos-15.2 df4a2475
2016-08-20 09:21 mvwieringen Status confirmed => resolved
2016-08-20 09:21 mvwieringen Fixed in Version => 15.2.5
2016-08-20 09:21 mvwieringen Resolution open => fixed
2016-08-20 09:21 mvwieringen Assigned To => mvwieringen
2019-12-18 15:25 arogge Status resolved => closed