[PATCH nbdkit 1/1] Fix mke2fs command line
by Mykola Ivanets
Man page says:
The file system size is specified by fs-size. If fs-size does not have
a suffix, it is interpreted as power-of-two kilobytes, unless the -b
blocksize option is specified, in which case fs-size is interpreted as
the number of blocksize blocks. If the fs-size is suffixed by 'k', 'm',
'g', 't' (either upper-case or lower-case), then it is interpreted in
power-of-two kilobytes, megabytes, gigabytes, terabytes, etc. If
fs-size is omitted, mke2fs will create the file system based on the
device size.
We could add '-b 1' parameter and specify fs-size, or just remove
fs-size parameter, in this case mke2fs will create the file system based
on device size. I prefer later option just because it will avoid
duplicating fs-size specification twice (in the previous 'truncate'
command and in 'mke2fs').
---
tests/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 53cc00d1..2a7e9623 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1895,7 +1895,7 @@ ext2.img: disk test-ext2-exportname.sh
cp $< ext2.img.d/disks/disk.img
echo /disks/disk.img > ext2.img.d/manifest
$(TRUNCATE) -s 2147483648 $@-t
- mke2fs -q -F -t ext4 -d ext2.img.d $@-t 2147483648
+ mke2fs -q -F -t ext4 -d ext2.img.d $@-t
rm -r ext2.img.d
mv $@-t $@
--
2.51.0.windows.2
3 weeks, 4 days
copy tests failing in libnbd with ZoL
by Richard W.M. Jones
[Adding the public mailing list]
On Thu, Oct 23, 2025 at 02:13:58PM +0200, Arsen Arsenović wrote:
> BTW, partially related; the following tests seem to fail on OpenZFS
> (ZoL, specifically):
>
> FAIL: copy-allocated-destination-zero-asynch.sh
> FAIL: copy-allocated-destination-zero-synch.sh
I wonder if you can grab 'copy/copy-allocated-destination-zero-asynch.sh.log'
and/or 'copy/copy-allocated-destination-zero-synch.sh.log' from the
failing tests?
The tests themselves check that these functions work respectively:
https://gitlab.com/nbdkit/libnbd/-/blob/6182a590ced685694574b74884c9cec53...
https://gitlab.com/nbdkit/libnbd/-/blob/6182a590ced685694574b74884c9cec53...
In particular, the tests check for the path where target_is_zero == true
and allocated == true, which should write allocated zeroes to the output file.
Looking at the functions now, it seems broken to me to return
immediately from the functions when target_is_zero. However if that
code was wrong then the functions wouldn't work on any filesystem, it
would have nothing to do with ZFS. So I'm not sure ...
Having the logs would help.
> I suspect the filesystem is at fault (tmpfs works fine).
>
> Have a lovely day!
> --
> Arsen Arsenović
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
1 month
[libnbd PATCH] uri: Sanitize user-provided hostnames
by Eric Blake
Dan Berrangé ran a free trial of zeropath (http://zeropath.com/) AI
analysis on libnbd, and it highlighted the following:
"When using nbd+ssh:// URIs the library constructs an argv array for
ssh from parsed URI parts (server, port, user, unix socket, nbd-port)
and execs it. The server component is used directly as an ssh
argument; if it begins with '-' an attacker can inject ssh options
(e.g. -oProxyCommand=...) that cause ssh to run local commands. There
is no protection (such as rejecting leading '-' in server or inserting
a '--' to stop option parsing), so an attacker who can supply the URI
can cause local command execution in the client process."
eg with this.... "nbdinfo nbd+ssh://-oProxyCommand=rm%20run.in"
you'll get a failure to start the NBD connection, but it none the less
deletes the file 'run.in' in the local working directory
The RFCs are vague enough that it is not immediately obvious whether
there is any possibility of a valid hostname with a leading - (see
https://www.netmeister.org/blog/hostnames.html). Still, it is better
to pass the user's string on to ssh's determination of a valid
hostname (which does appear to reject leading -) rather than trying to
teach libnbd what patterns to allow, and thereby avoid risking any
pattern written in libnbd accidentally being too restrictive. Do this
by using "--" to end ssh options before the hostname, but that in turn
must come after any use of -oUser=. With this in place, we now get a
sane error rather than spawning a calculator with:
$ nbdinfo nbd+ssh://-oProxyCommand=gnome-calculator
hostname contains invalid characters
/home/eblake/libnbd/info/.libs/nbdinfo: nbd_connect_uri: recv: server disconnected unexpectedly
See also Libvirt commit e4cb8500 (Aug 2017), which in turn was
inspired by GIT security flaws
(http://blog.recurity-labs.com/2017-08-10/scm-vulns). We have put out
a request to Red Hat security on whether this warrants a CVE in
libnbd; however, as the problem was easy to identify using only free
AI resources, and the problem itself is relatively low priority (to
exploit it, an attacker has to convince an admin to run a program that
will use libnbd on an untrusted URI), so we are publishing this now
rather than waiting for any embargo. If a CVE is assigned, it will be
announced to the mailing list in a followup post.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
CC: Daniel P. Berrangé <berrange(a)redhat.com>
---
lib/uri.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/uri.c b/lib/uri.c
index 3b099fe5..7413c434 100644
--- a/lib/uri.c
+++ b/lib/uri.c
@@ -291,8 +291,6 @@ uri_connect_ssh (struct nbd_handle *h, const xmlURIPtr uri,
const_string_vector_append (&ssh_command, "-p");
const_string_vector_append (&ssh_command, port_str);
- const_string_vector_append (&ssh_command, uri->server);
-
/* SSH user always comes from the authority part of the URI. */
if (uri->user) {
/* Don't allow any special tokens in the username which ssh might
@@ -310,6 +308,10 @@ uri_connect_ssh (struct nbd_handle *h, const xmlURIPtr uri,
const_string_vector_append (&ssh_command, ssh_user);
}
+ const_string_vector_append (&ssh_command, "--");
+ const_string_vector_append (&ssh_command, uri->server);
+
+ /* All further argc beginning with - are options to nc. */
const_string_vector_append (&ssh_command, "nc");
if (unixsocket) {
const_string_vector_append (&ssh_command, "-U");
--
2.51.0
1 month
