[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libcdio-devel] Rock Ridge and libisofs/xorriso 'AL' extension

From: Thomas Schmitt
Subject: Re: [Libcdio-devel] Rock Ridge and libisofs/xorriso 'AL' extension
Date: Tue, 25 Jul 2017 10:36:14 +0200


i failed to reproduce the problem with isoinfo of Debian 8
(isoinfo -version says 1.1.11):

  valgrind isoinfo -f -i libcdio-heapoverflow-get_rock_ridge_filename.iso



and finally

  ==12135== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

So now with kali-linux-2017.1-amd64.iso :

  valgrind isoinfo -f -i kali-linux-2017.1-amd64.iso

which really shows dull ISO 9660 names and not the Rock Ridge ones
(which Linux mount and xorriso show).

My Debian system was installed one month after the libcdio change.
So i am a bit surprised to already find the problematic change applied.

Valgrind has complaints about the Kali run:
  ==12236== Invalid read of size 4
  ==12236==    at 0x407B03: parse_dir (in /usr/bin/isoinfo)
  ==12236==    by 0x405B03: main (in /usr/bin/isoinfo)
  ==12236==  Address 0x53fb3d4 is 4 bytes inside a block of size 7 alloc'd
  ==12236==    at 0x4C28C20: malloc (vg_replace_malloc.c:296)
  ==12236==    by 0x407AC2: parse_dir (in /usr/bin/isoinfo)
  ==12236==    by 0x405B03: main (in /usr/bin/isoinfo)
  ==12236== ERROR SUMMARY: 171 errors from 4 contexts (suppressed: 0 from 0)


I wrote:
> > What is actually the bad SUSP thing in the submitted 50 KB ISO ?
> > [...]
> > A hex editor does not show me any recognizable SUSP or RR entries.

Rocky Bernstein wrote:
> If this is a question for me, I don't remember much about the bug. What's
> in the Savannah tracker has all the information I am aware of.

We should re-assess that bug. I get the impression from the bug report and
the ISO that isoinfo was mistaken to handle any SUSP or RR feature in the
50 KB test ISO. So the propblem would not be with interpretation of particular
entries but rather with the start of SUSP+RR interpretation at all.

But first we need to reproduce it.
My git knowledge is still thin, albeit our own repo went git last year.
So a little cheat sheet for retrieving the version before the change
would be welcome.

> > (Does libcdio interpret it to uncompress files ?)

> Probably not, unless someone else added. I don't any such thing.

So the list of allowed entries does not impose the duty to read and
interpret the entries ?
In this case a preliminary fix could be to add "AL" to the list of
allowed SUSP+RR entries. 

Have a nice day :)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]