Vulnerability in e2fsck when processing specially crafted directories

A vulnerability (CVE-2019-5188) has been identified in the e2fsck utility, shipped as part of the e2fsprogs package, that allows an attacker's code to be executed when checking a file system containing specially crafted directories. The vulnerability has been confirmed in releases 1.43.3 through 1.45.4. It is fixed in the e2fsck 1.45.5 update. In distributions the problem remains unfixed (Debian, Arch Linux, SUSE/openSUSE, Ubuntu, RHEL).

The vulnerability is caused by an error in the mutate_name() function in rehash.c, which is used when rebuilding the hash tables associated with a directory so that all files in the directory are mapped to it. Corruption of the hash_entry structure associated with a directory can let an attacker write data outside the allocated buffer. If several files with the same name are found in the hash table linked to a directory, e2fsck renames the duplicate files by appending ~0, ~1, and so on to the name. To hold the new name temporarily during such a rename, a 256-byte buffer is allocated on the stack.

The size of the data to be copied is determined by the expression "entry->name_len & 0xff", but the value of entry->name_len is loaded from the on-disk structure rather than computed from the actual length of the name. If the size is zero, the array index takes the value -1, which creates the conditions for an integer underflow past the lower bound of the buffer and for overwriting other data on the stack with the value "~0". On 64-bit systems, exploitation of the vulnerability is considered unlikely and requires that the stack size be unrestricted (ulimit -s unlimited). On 32-bit systems, exploitation is considered possible, but the outcome depends heavily on how the compiler laid out the executable.
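An added example, not e2fsprogs code and not from the original article: a simplified C model of the length handling described above, showing the -1 index produced by a zero on-disk name_len and a checked variant that rejects it. The helper names, the rec_name_space parameter and the single-digit suffix are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 256   /* stack buffer size given in the article */

/* Unchecked model: index of the last name byte, derived only from the
 * on-disk length field. Nothing is written, so the result is safe to inspect. */
static int last_index_unchecked(unsigned name_len_field)
{
    unsigned len = name_len_field & 0xff;   /* expression quoted in the article */
    return (int)len - 1;                    /* len == 0 yields -1 */
}

/* Hardened model (hypothetical helper): reject a zero or overlong length
 * before building "<name>~<digit>". rec_name_space is the assumed number of
 * name bytes the directory record really holds. Returns the new length,
 * or -1 when the entry must be treated as corrupt. */
static int mutate_name_checked(char *buf, size_t bufsz, const char *disk_name,
                               unsigned name_len_field, size_t rec_name_space,
                               unsigned dup_no)
{
    unsigned len = name_len_field & 0xff;

    if (len == 0 || len > rec_name_space || dup_no > 9)
        return -1;
    if (len > 253)                 /* keep name + "~N" within 255 bytes */
        len = 253;
    if ((size_t)len + 3 > bufsz)   /* name + '~' + digit + NUL */
        return -1;
    memcpy(buf, disk_name, len);
    buf[len] = '~';
    buf[len + 1] = (char)('0' + dup_no);
    buf[len + 2] = '\0';
    return (int)len + 2;
}

int main(void)
{
    char buf[NAME_BUF];
    /* Constructed sample entries: a normal name and a zero-length one. */
    printf("unchecked index, name_len=4: %d\n", last_index_unchecked(4));
    printf("unchecked index, name_len=0: %d\n", last_index_unchecked(0));
    printf("checked, name_len=4: %d\n",
           mutate_name_checked(buf, sizeof buf, "file", 4, 4, 0));
    printf("checked, name_len=0: %d\n",
           mutate_name_checked(buf, sizeof buf, "", 0, 0, 0));
    return 0;
}
```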

To carry out the attack, an attacker needs to corrupt data in a particular way on a partition with an ext2, ext3 or ext4 file system. Since that operation requires superuser privileges, the vulnerability poses a threat when e2fsck checks external drives or file system images received from outside.

Source: opennet.ru
