From 37f3dccc986799e67824a605b913b6e95e459d0a Mon Sep 17 00:00:00 2001
From: Wang_M <815543835@qq.com>
Date: Wed, 22 Oct 2025 06:15:14 +0000
Subject: [PATCH] fix-the-incorrect-buffer-size-for-super
---
 ...-the-incorrect-buffer-size-for-super.patch | 41 +++++++++++++++++++
 btrfs-progs.spec | 6 ++-
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 0015-btrfs-progs-fix-the-incorrect-buffer-size-for-super.patch
diff --git a/0015-btrfs-progs-fix-the-incorrect-buffer-size-for-super.patch b/0015-btrfs-progs-fix-the-incorrect-buffer-size-for-super.patch
new file mode 100644
index 0000000..7bbd59c
--- /dev/null
+++ b/0015-btrfs-progs-fix-the-incorrect-buffer-size-for-super.patch
@@ -0,0 +1,41 @@
+From 84aa7cc8309533c96d52c442dd4cfb1ab02bbe18 Mon Sep 17 00:00:00 2001
+From: Qu Wenruo
+Date: Wed, 26 Feb 2025 14:29:15 +1030
+Subject: [PATCH] btrfs-progs: fix the incorrect buffer size for super block
+ structure
+
+Inside the function btrfs_add_to_fsid(), we allocate a buffer to write
+the superblock to disk.
+
+However the buffer size is based on block size, which can cause two
+problems:
+
+- 2K block size
+ The block size is too small for the super block, and we will write
+ beyond the buffer and corrupt the memory.
+
+- 16/64K block size
+ The block size will be larger than super block size, this will not
+ cause any problem but waste some memory.
+
+Fix the bug by using BTRFS_SUPER_INFO_SIZE as the correct buffer size.
+
+Signed-off-by: Qu Wenruo
+Signed-off-by: David Sterba
+---
+ common/device-scan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/device-scan.c b/common/device-scan.c
+index a34d86652f..7d7d67fb5b 100644
+--- a/common/device-scan.c
++++ b/common/device-scan.c
+@@ -148,7 +148,7 @@ int btrfs_add_to_fsid(struct btrfs_trans_handle *trans,
+ if (!device)
+ return -ENOMEM;
+
+- buf = calloc(1, sectorsize);
++ buf = calloc(1, BTRFS_SUPER_INFO_SIZE);
+ if (!buf) {
+ ret = -ENOMEM;
+ goto out;
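Review bot: The new allocation `buf = calloc(1, BTRFS_SUPER_INFO_SIZE);` in the embedded common/device-scan.c hunk has no comment explaining why the size must not follow `sectorsize`, so a later cleanup could reintroduce the undersized buffer the commit message describes for 2K block sizes. I would add `/* The super block is BTRFS_SUPER_INFO_SIZE bytes regardless of sectorsize; do not size this buffer from sectorsize. */` directly above the call. The body of btrfs_add_to_fsid() continues outside the hunk, so the code that fills and writes `buf` is not visible here. Because this is a backport onto 6.6.3, it is worth confirming in the packaged source that every later length applied to `buf` uses the same constant and not `sectorsize`; otherwise the 16K/64K case could read past the now smaller buffer. Since the defect is an out-of-bounds heap write, the package changelog entry would also help downstream triage if it said so and named upstream commit 84aa7cc8309533c96d52c442dd4cfb1ab02bbe18.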
diff --git a/btrfs-progs.spec b/btrfs-progs.spec index d7a7c1e..d458c9e 100644 --- a/btrfs-progs.spec +++ b/btrfs-progs.spec @@ -1,6 +1,6 @@ Name: btrfs-progs Version: 6.6.3 -Release: 15 +Release: 16 Summary: btrfs userspace programs License: GPLv2 and GPL+ and LGPL-2.1+ and GPL-3.0+ and LGPL-2.1 and MIT URL: https://btrfs.wiki.kernel.org/index.php/Main_Page @@ -20,6 +20,7 @@ Patch0011: 0011-btrfs-progs-convert-for-ext2-fix-possible-tree-check.patch Patch0012: 0012-btrfs-progs-convert-insert-a-dummy-inode-item-before.patch Patch0013: 0013-btrfs-progs-corrupt-block-fix-memory-leak-in-debug_c.patch Patch0014: 0014-btrfs-progs-image-fix-the-bug-that-filename-sanitiza.patch +Patch0015: 0015-btrfs-progs-fix-the-incorrect-buffer-size-for-super.patch BuildRequires: python3-devel >= 3.4 BuildRequires: libacl-devel, e2fsprogs-devel, libblkid-devel, libuuid-devel, zlib-devel, libzstd-devel, lzo-devel, systemd-devel @@ -85,6 +86,9 @@ make mandir=%{_mandir} bindir=%{_sbindir} libdir=%{_libdir} incdir=%{_includedir %{_mandir}/man8/*.gz %changelog +* Wed Oct 22 2025 wangmian - 6.6.3-16 +- fix the incorrect buffer size for super + * Tue Sep 30 2025 liuh - 6.6.3-15 - btrfs-progs: image: fix the bug that filename sanitization not working -- Gitee