[Bug 221501] [msdosfs] panic 11.0-RELEASE by mounting a malformed msdosfs image

Bruce Evans brde at optusnet.com.au
Mon Aug 14 05:51:07 UTC 2017

On Mon, 14 Aug 2017 a bug that doesn't want replies at freebsd.org wrote:

> It is possible to panic 11.0-RELEASE by mounting a malformed msdosfs image.

Did you check it with fsck before mounting?  Otherwise the problem is
probably uninteresting.  No file system in FreeBSD except possibly zfs
does much sanity checking at mount time, so it is trivial to construct
images that crash it.

msdosfs actually does much more sanity checking than ffs.  It checks
about 100 bytes where ffs checks about 20.  However, msdosfs is missing
a check of its dirty flag.  This doesn't affect crashing it much, but
it affects damaging the file system further.  ffs allows read-only
mounts of dirty images.  msdosfs also allows read-write mounts of dirty
images.  If you run fsck before mounting, then it should set the dirty
flag if it fails.  For ffs, this prevents the read-write case from
getting very far.
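
The following is an added example, not part of the email and not FreeBSD's msdosfs or fsck code: a userland pre-mount check that validates the boot-sector fields needed to find the FAT and then reads the dirty flag. It assumes the dirty flag is the clean-shutdown bit of FAT entry 1 as laid out in Microsoft's FAT specification; `fat_check`, `sample_state` and the sample image are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum fat_state { FAT_INVALID = -1, FAT_CLEAN, FAT_DIRTY, FAT_NOFLAG };

static uint32_t le16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t le32(const uint8_t *p) { return le16(p) | le16(p + 2) << 16; }

/* Validate the BPB fields needed to locate FAT entry 1, then read its clean bit. */
enum fat_state fat_check(const uint8_t *img, size_t len)
{
    if (len < 512 || img[510] != 0x55 || img[511] != 0xAA)
        return FAT_INVALID;
    uint32_t bps = le16(img + 11), spc = img[13], rsvd = le16(img + 14);
    uint32_t nfats = img[16], rootent = le16(img + 17);
    uint32_t total = le16(img + 19) ? le16(img + 19) : le32(img + 32);
    uint32_t fatsz = le16(img + 22) ? le16(img + 22) : le32(img + 36);
    /* Reject values that would divide by zero or point outside the image. */
    if (bps < 512 || bps > 4096 || (bps & (bps - 1)) || !spc || (spc & (spc - 1)))
        return FAT_INVALID;
    if (!rsvd || !nfats || !fatsz || !total)
        return FAT_INVALID;
    uint64_t meta = rsvd + (uint64_t)nfats * fatsz + ((uint64_t)rootent * 32 + bps - 1) / bps;
    uint64_t fatoff = (uint64_t)rsvd * bps;
    if (meta >= total || fatoff + 8 > len)
        return FAT_INVALID;
    uint64_t clusters = (total - meta) / spc;
    if (clusters < 4085)
        return FAT_NOFLAG;               /* FAT12 has no clean-shutdown bit */
    if (clusters < 65525)                /* FAT16: bit 15 of entry 1 set = clean */
        return (le16(img + fatoff + 2) & 0x8000) ? FAT_CLEAN : FAT_DIRTY;
    return (le32(img + fatoff + 4) & 0x08000000) ? FAT_CLEAN : FAT_DIRTY; /* FAT32: bit 27 */
}

/* Constructed sample (not from the email): first two sectors of an 8192-sector image. */
enum fat_state sample_state(int clean, uint8_t spc)
{
    uint8_t img[1024] = {0};
    img[12] = 0x02; img[13] = spc; img[14] = 1; img[16] = 1;  /* 512 B/sector, 1 reserved, 1 FAT */
    img[18] = 0x02; img[20] = 0x20; img[22] = 32;  /* 512 root entries, 8192 sectors, 32-sector FAT */
    img[510] = 0x55; img[511] = 0xAA;
    img[512] = 0xF8; img[513] = 0xFF; img[514] = 0xFF;
    img[515] = clean ? 0xFF : 0x7F;       /* high byte of FAT[1] carries bit 15 */
    return fat_check(img, sizeof img);
}

int main(void) { printf("%d %d\n", sample_state(1, 1), sample_state(0, 1)); return 0; }
```

A wrapper script could refuse a read-write mount unless this returns `FAT_CLEAN`, and fall back to a read-only mount or fsck otherwise.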

