* [BUG] f2fs-tools: fsck infinite loop in options parsing
From: Egor Shestakov @ 2025-08-27 14:20 UTC
To: linux-fsdevel

Hi!

I found a bug in fsck.f2fs that causes an infinite loop in
f2fs_parse_options(). To reproduce it, you can call the program with
the combined option '-py', but when the options are separate, '-p -y',
it works well. Simply execute `./f2fs.fsck -py` to catch the bug.

Buggy part of the fsck/main.c code (unchanged since 2018):

> 		case 'p':
> 			/* preen mode has different levels:
> 			 *  0: default level, the same as -a
> 			 *  1: check meta
> 			 *  2: same as 0, but will skip some
> 			 *     check for old kernel
> 			 */
> 			if (optarg[0] == '-' || !is_digits(optarg) ||
> 					optind == argc) {
> 				MSG(0, "Info: Use default preen mode\n");
> 				c.preen_mode = PREEN_MODE_0;
> 				c.auto_fix = 1;
> 				optind--;
> 				break;
> 			}

The bug occurs when case 'p' matches and there is no suitable
argument after it, so the decrement optind-- happens. Since the
option '-p' is joined with its argument, getopt increments optind
only by one, not by two as expected. Therefore it enters an
infinite loop.

I couldn't find a good solution. Changing the semantics of the preen
level option is impossible because it breaks many scripts, for example
in initrd. A possible solution is to use two colons in optstring,
which means an optional argument, but this is a GNU extension, so not
all standard libraries support it, in particular Musl.

--
Egor Shestakov
vedingrot ascii(0x40) gmail ascii(0x2E) com