From: "Thomas Schmitt"
To: grub-devel@gnu.org
Cc: lidong.chen@oracle.com, fengtao40@huawei.com, yanan@huawei.com, daniel.kiper@oracle.com, lichenca2005@gmail.com, development@efficientek.com
Subject: Re: [PATCH v3 0/5] fs/iso9660: Fix out-of-bounds read
Date: Fri, 27 Jan 2023 11:56:50 +0100
Message-Id: <25439393643726147911@scdbackup.webframe.org>
In-Reply-To: <20230126160557.04885985@crass-HP-ZBook-15-G2>

Hi,

i wrote:
> > So it would be
> > better to add one or two canned images:
> >   897 bytes of http://scdbackup.webframe.org/ce_loop.iso.gz
> >   904 bytes of http://scdbackup.webframe.org/ce_loop2.iso.gz

Glenn Washburn wrote:
> These are small, I'm good with adding these images to the repository.

After the fixes about CE, one of them would suffice.
ce_loop.iso is the easier hack and thus more probable to be created by
some hoaxer. It does not loop endlessly with GRUB before the fixes.
ce_loop2.iso loops endlessly already with the older GRUB versions.

> > I would want to run
> >   gunzip ce_loop.iso
> >   run_grubfstest ls /
> > in the neighborhood of the xorriso runs and then bail out immediately.

> Why do you want to bail out at this point? I think what the case
> statements should look like is:
>
>   x"iso9660_ce_loop")
>     gunzip <"@srcdir@"/tests/ce_loop.iso.gz >"${FSIMAGEP}0.img" ;;

The hoax ISOs do not contain the files which the further tests in
grub-fs-tester obviously expect. Like:

    if [ x$NOHARDLINK != xy ]; then
        if run_grubfstest cmp "$GRUBDIR/$BASEHARD" "$MNTPOINTRO/$OSDIR/$BASEFILE" ; then

So i thought that a single test should be done immediately after
unpacking the iso.gz and then all other tests should be skipped.

> You were talking about the test endlessly looping above, since these
> are native tests we'd put a timeout in the wrapper script that calls
> grub-fs-tester. That would look like adding the following line to the end of
> tests/iso9660_test.in:
>   timeout -s KILL "3600" "@builddir@/grub-fs-tester" iso9660_ce_loop

I was not aware of the timeout command.

> A better timeout value could probably be selected. It should be as short as
> possible, but also accounting for the fact that the tests may be run on
> slower machines or in virtual machines.

I think 60 seconds of timeout should suffice for 100000 loop cycles in C
with a function call and repeated reading of the same disk block.
If this lasts longer than a minute, then we should reduce the limit of
100,000 loop hops.

After applying Lidong Chen's patches i get on a 4 GHz Xeon with nvme disk:

  $ time ./grub-fstest /u/test/ce_loop.iso ls /
  real 0m0.086s
  ...
  $ time ./grub-fstest /u/test/ce_loop2.iso ls /
  real 0m0.088s
  ...

Regrettably there is no error message to see. But the fact that
grub-fstest neither loops endlessly nor shows a file named "x" indicates
that our intention is fulfilled by the patches.

> I see some other modifications that I'd like to
> make to grub-fs-tester, so I could make the changes to add this as well with
> your guidance.

I would be happy if you create the new test.
The only guidance i can offer are the download addresses and the SHA256s:

  http://scdbackup.webframe.org/ce_loop.iso.gz
  d86b73b0cc260968f50c30a5207b798f5fc2396233aee5eb3cedf9cef069f3c2

  http://scdbackup.webframe.org/ce_loop2.iso.gz
  a6bde0c1562de8959d783bca0a79ad750da2bc129bdea2362b4a7c3e83426b2c

If only one of them shall be tested, then i propose ce_loop2.iso .

Have a nice day :)

Thomas
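
The single check proposed in this message (verify the published SHA256, unpack the iso.gz, list / once under a timeout, expect neither an endless loop nor a file named "x"), sketched as a shell function. This is an added example, not part of the original mail or of grub-fs-tester; the function name, its return codes and the assumption that names in the listing are whitespace-separated are hypothetical.

```shell
#!/bin/sh
# Added example, not part of grub-fs-tester. Hypothetical helper:
#   check_hoax_iso IMAGE_GZ SHA256 LIMIT_SECONDS FSTEST
# Return codes (chosen for this example):
#   0 = terminated in time and listed no file "x"
#   1 = checksum mismatch   2 = killed by timeout (endless loop)
#   3 = listing shows "x"   4 = could not unpack
check_hoax_iso() {
    chi_gz=$1 chi_want=$2 chi_limit=$3 chi_fstest=$4

    # Refuse an image that is not the one whose SHA256 was published.
    chi_got=$(sha256sum "$chi_gz" | cut -d' ' -f1)
    [ "$chi_got" = "$chi_want" ] || return 1

    chi_img=$(mktemp) || return 4
    gunzip <"$chi_gz" >"$chi_img" || { rm -f "$chi_img"; return 4; }

    # One listing of "/", bounded by the timeout; same argument order
    # as the grub-fstest calls shown in the mail.
    chi_rc=0
    chi_out=$(timeout -s KILL "$chi_limit" "$chi_fstest" "$chi_img" ls /) || chi_rc=$?
    rm -f "$chi_img"

    # GNU timeout reports 137 (128+9) after SIGKILL, 124 otherwise.
    case $chi_rc in
        124|137) return 2 ;;
    esac

    # Assumption: names in the listing are separated by whitespace.
    if printf '%s\n' "$chi_out" | tr -s ' \t' '\n\n' | grep -qx 'x'; then
        return 3
    fi
    return 0
}

# Stand-alone use, e.g.:
#   sh check.sh ce_loop2.iso.gz <sha256 from the mail> 60 ./grub-fstest
if [ "$#" -ge 4 ]; then
    check_hoax_iso "$@"
fi
```

Any exit status of the lister other than the timeout codes is deliberately ignored, since the mail notes that grub-fstest gives no error message for the hoax images.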