[sleuthkit-developers] [ sleuthkit-Bugs-3121998 ] jcat segfault in ext2fs_jblk_walk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Bugs item #3121998, was opened at 2010-11-29 05:04
Message generated for change (Tracker Item Submitted) made by 
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=477889&aid=3121998&group_id=55685

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: File System Tools
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: atcuno ()
Assigned to: Nobody/Anonymous (nobody)
Summary: jcat segfault in ext2fs_jblk_walk

Initial Comment:
steps to reproduce:

1) compile latest release of sleuthkit (with debugging symbols)
2) create an ext3 partition (I tested on loop and on a vmware virtual disk)
3) run jcat against the image with an argument of a number greater than 0

result:

usenixatc:~/newtsk# gdb ./sleuthkit-3.2.0/tools/fstools/jcat
(gdb) r /dev/loop0 2

Starting program: /root/newtsk/sleuthkit-3.2.0/tools/fstools/jcat /dev/loop0 2
[Thread debugging using libthread_db enabled]
[New Thread 0xb74b06c0 (LWP 8221)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb74b06c0 (LWP 8221)]
0x080abb6e in ext2fs_jblk_walk (fs=0x9161828, start=2, end=2, flags=0, action=0, ptr=0x0) at ext2fs_journal.c:521
521                 if (big_tsk_getu32(head->magic) != EXT2_JMAGIC)
Current language:  auto; currently c
(gdb) x/x head
0x9160d08:      Cannot access memory at address 0x9160d08

not really sure what other info to give. it should be reproducible by just creating an ext3 image on a file made from /dev/zero. I can send other info as needed to fix the bug.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=477889&aid=3121998&group_id=55685