From 0fbbbc9233f021ac281ffed4d5f7b5d4807e1e4a9b3d52acfaeea10c548e6fb9 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Tue, 3 Feb 2015 23:41:59 +0000 Subject: [PATCH] - mdcheck-careful.patch Be careful about reading all output of "mdadm --detail --export" as shell commands - it isn't quoted. (bnc#910500) OBS-URL: https://build.opensuse.org/package/show/Base:System/mdadm?expand=0&rev=126 --- mdadm.changes | 8 ++++++++ mdadm.spec | 5 ++++- mdcheck-careful.patch | 27 +++++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 mdcheck-careful.patch diff --git a/mdadm.changes b/mdadm.changes index 5be4359..582854f 100644 --- a/mdadm.changes +++ b/mdadm.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Feb 3 23:40:32 UTC 2015 - nfbrown@suse.com + +- mdcheck-careful.patch + Be careful about reading all output of "mdadm --detail --export" + as shell commands - it isn't quoted. + (bnc#910500) + ------------------------------------------------------------------- Mon Nov 3 00:23:45 UTC 2014 - nfbrown@suse.com diff --git a/mdadm.spec b/mdadm.spec index ffc5562..f4f4fda 100644 --- a/mdadm.spec +++ b/mdadm.spec @@ -1,7 +1,7 @@ # # spec file for package mdadm # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -44,6 +44,8 @@ Patch1: 0001-Makefile-install-mdadm-grow-continue-.service.patch Patch2: 0001-Grow-fix-removal-of-line-in-wrong-case.patch # PATCH-FIX-UPSTREAM mdcheck-no-devices.fix bnc#903051 nfbrown@suse.de Patch3: mdcheck-no-devices.fix +# PATCH-FIX-UPSTREAM mdcheck-careful.patch bnc#910500 nfbrown@suse.de +Patch4: mdcheck-careful.patch %define _udevdir %(pkg-config --variable=udevdir udev) %define _systemdshutdowndir %{_unitdir}/../system-shutdown @@ -58,6 +60,7 @@ programs but with a very different interface. %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 %build make %{?_smp_mflags} CC="%__cc" CXFLAGS="$RPM_OPT_FLAGS -Wno-error" SUSE=yes diff --git a/mdcheck-careful.patch b/mdcheck-careful.patch new file mode 100644 index 0000000..a12e055 --- /dev/null +++ b/mdcheck-careful.patch @@ -0,0 +1,27 @@ +From 979b1feb093b1c2e0f8b58716329f2da092741d4 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Wed, 4 Feb 2015 09:06:47 +1100 +Subject: [PATCH] mdcheck: be careful when sourcing the output of "mdadm + --detail --export" + +The output of "mdadm --detail --export" isn't quoted properly so +fields that contain spaces can be a problem. +We only want the MD_UUID field, and it has a very well defined +format with no spaces. +So use 'grep' to limit the output to just that. + +Signed-off-by: NeilBrown + +diff --git a/misc/mdcheck b/misc/mdcheck +index ca5fe84a1284..2c8f54d6e4cf 100644 +--- a/misc/mdcheck ++++ b/misc/mdcheck +@@ -88,7 +88,7 @@ do + continue + fi + +- mdadm --detail --export "$dev" > $tmp || continue ++ mdadm --detail --export "$dev" | grep '^MD_UUID=' > $tmp || continue + source $tmp + fl="/var/lib/mdcheck/MD_UUID_$MD_UUID" + if [ -z "$cont" ]