Bugtraq mailing list archives

Re: major security bug in reiserfs (may affect SuSE Linux)


From: Mark Glines <paranoid () deathsdoor com>
Date: Wed, 10 Jan 2001 19:22:57 -0800

On Wed, Jan 10, 2001 at 06:50:33PM +0100, Andreas Ferber wrote:
> Hi,
>
> Could not reproduce it on Linux 2.4.0 with ReiserFS 3.6.24.
>
> But I found some other strange things (everything tested on the
> above-mentioned versions):
>
> If you start increasing the directory name length, everything works
> fine up to 3377 characters, as is with a length greater than 4032
> (mkdir says "File name too long" then).
>
> But if you choose a length between (including) 3378 and 4032, weird
> things happen: "ls" and "echo *" no longer show the directory (the
> directory is certainly there as you can "cd" into it and "pwd"
> correctly shows it). If the length is smaller than 3922, you can still
> show the directory with "find -maxdepth 1" (longer names even
> disappear from find).
>
> Also sometimes other entries in the directory you were creating the
> overlong name in start disappearing from ls. The only system I could
> find till now is for filename length <3922 that all files showing up
> in the find output after the long name are not shown by ls (the
> position changes if you change the name length, but for one particular
> length it is constant if you remove and recreate the directory several
> times)

Hi!  I'm running Linux 2.4.0 with reiserfs 3.6.24 as well, and I was
not able to find any problems with long directory names whatsoever,
neither the original advisory (regarding kernel Oopsen) nor yours
(regarding hidden directories over a certain length).  The only thing I
was able to verify was that the kernel does yield a "File name too long"
error.  Other than that, everything worked perfectly, including bash's
* and <tab> completion, ls, find and anything else I tried.

My guess is perhaps this is a glibc problem?  You were using glibc 2.1.3,
I am running glibc 2.2, and cannot reproduce this at all.

Your thoughts?
--
Paranoid
Wielder of Sporks
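
The checks discussed in this thread (a name that can be entered but is missing from a listing, and neighbouring entries dropping out of the listing) can be scripted for comparison across kernel, filesystem and libc versions. This is an added sketch, not code from either poster; `probe`, `sweep` and the `sentinel*` files are hypothetical names, and it assumes Linux with Python's `dir_fd` support.

```python
import errno
import os
import stat
import tempfile

SENTINELS = [f"sentinel{i}" for i in range(5)]   # constructed neighbour entries

def probe(dir_fd, length):
    """Create a `length`-byte directory name; compare listing (ls) with lookup (cd)."""
    name = "d" * length
    try:
        os.mkdir(name, dir_fd=dir_fd)
    except OSError as exc:
        if exc.errno == errno.ENAMETOOLONG:       # "File name too long"
            return {"length": length, "status": "name_too_long", "missing": []}
        raise
    try:
        listed = set(os.listdir(dir_fd))          # readdir path
        try:
            mode = os.stat(name, dir_fd=dir_fd).st_mode   # lookup path
            reachable = stat.S_ISDIR(mode)
        except OSError:
            reachable = False
    finally:
        os.rmdir(name, dir_fd=dir_fd)
    if not reachable:
        status = "unreachable"
    elif name not in listed:
        status = "hidden_from_listing"
    else:
        status = "consistent"
    missing = sorted(s for s in SENTINELS if s not in listed)
    return {"length": length, "status": status, "missing": missing}

def sweep(lengths, base=None):
    """Run probe() for each length inside a fresh scratch directory under `base`."""
    with tempfile.TemporaryDirectory(dir=base) as parent:
        dir_fd = os.open(parent, os.O_RDONLY | os.O_DIRECTORY)
        try:
            for s in SENTINELS:
                os.close(os.open(s, os.O_CREAT | os.O_WRONLY, 0o600, dir_fd=dir_fd))
            return [probe(dir_fd, n) for n in lengths]
        finally:
            os.close(dir_fd)

if __name__ == "__main__":
    # Boundary lengths quoted in the thread, plus one ordinary name.
    for row in sweep([100, 3377, 3378, 3922, 4032, 4033]):
        print(row)
```

Pass `base` to place the scratch directory on the filesystem under test; any status other than `consistent` or `name_too_long`, or a non-empty `missing` list, means the listing and lookup views disagree.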

