Hi!
I have to inform you that recently serious bug related to extended
attributes has been discovered thanks to Uros Juvan.
To be honest, it should have been discovered much earlier, through
code inspection or by simply using the program extensively, but it
didn't happen. I no longer use metastore for a few years at least and
its userbase is apparently very small, so no one reported it earlier.
I only hope that no one was hit by this, but it can be wishful
thinking on my part...
The good news is that it's already fixed.
The bad news is that I don't have time to release new version today
and my availability will be very limited for a week from today.
I should be able to release metastore v1.1.1 on 2017-12-03 in the
worst case, but hopefully it will happen day or two earlier.
So what's the bug?
Reading metadata file with xattrs leads to corruption in memory on
64-bit platforms
https://github.com/przemoc/metastore/issues/45
What's the fix?
metaentry.c: Fix underallocation for xattr_lvalues.
https://github.com/przemoc/metastore/commit/5b060d5b7f0d76ee5c8626d34747cf605dd81e13
If you're maintainer of metastore in a distribution, I advise you to
not wait for the official release of new version, simply add this
patch on top of v1.1.0 (it applies cleanly) and go for new package
release.
As I already wrote in the github issue:
I am deeply sorry that such a serious bug was present in metastore for so long.
Regards.
--
Przemysław 'Przemoc' Pawełczyk
http://przemoc.net/
