
Bug#815915: lsinitramfs fails to properly skip the padding after each cpio archive



On Sat, 16 Apr 2016, Ben Hutchings wrote:
> On Wed, 30 Mar 2016 14:33:52 -0300 Henrique de Moraes Holschuh <hmh@debian.org> wrote:
> > (note: I am not subscribed to this bug report. If you want a reply from
> > me, please keep me Cc'd).
> [...]
> > Now, to the root cause of the breakage:
> > 
> > The heuristics initramfs-tools "lsinitramfs" uses (used?) to locate the
> > next initramfs are incomplete (it does not skip over the padding at the
> > end of each initramfs)
> 
> Nope.
> 
> [...]
> > lsinitramfs needs to skip all zero bytes (or dwords) to locate the next
> > initramfs segment, instead of assuming a cpio block size of 512 bytes.
> [...]
> 
> That is exactly what it does.
> 
> Please don't guess what the 'root cause' is, actually do the research.

Eh, unfortunately I actually did it (some time ago, for the Ubuntu bug
report), and evidently got it completely wrong.  Then, I copied my (faulty)
analysis from the Ubuntu bug report to the Debian bug report without
attempting to re-verify it.

So, it was actually even worse than not doing the research: it was doing it
incorrectly in the first place, and not revalidating it some time later.  I
apologise for that.

Here is a data file that triggers the zcat crash, from one of the Ubuntu bug
reports:
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1507443/+attachment/4499699/+files/initrd.img-4.2.0-16-generic.bak

Instrumenting lsinitramfs, we get the correct offset (0x2c00) for the next
segment start offset, and the temporary file (subarchive) is also correct.
So, lsinitramfs indeed skips the uncompressed initramfs properly.

Changing lsinitramfs to keep the temporary subarchive makes it simple to
check it and to test it against zcat.

A hexdump of the subarchive looks fine.  gzip -d will process it very
happily, no errors at all.  So will cat (subarchive) | gzip -d | cpio -t.

zcat either works or crashes depending on how you call it on the resulting
subarchive:

zcat -t (subarchive) >/dev/null crashes.

zcat (subarchive) | cpio -t, and zcat (subarchive) >/dev/null both work
fine.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
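
The segment-location step discussed in this message, as an added Python sketch (it is not lsinitramfs's code and not part of the original mail): walk the uncompressed newc cpio archive to its `TRAILER!!!` entry, skip the zero padding, and report where the next (compressed) segment starts. The sample image, its file names and the helper names are constructed for illustration.

```python
import gzip

MAGICS = (b"070701", b"070702")  # cpio newc, and newc with checksum
HDR_LEN = 110                    # 6-byte magic + 13 fields of 8 hex digits

def align4(n):
    return (n + 3) & ~3          # newc pads names and file data to 4 bytes

def next_segment_offset(image):
    """Walk the uncompressed newc archive at offset 0 and return the offset of
    the first non-zero byte after its TRAILER!!! entry (len(image) if none)."""
    pos = 0
    while True:
        hdr = image[pos:pos + HDR_LEN]
        if len(hdr) < HDR_LEN or hdr[:6] not in MAGICS:
            raise ValueError("no newc header at offset %#x" % pos)
        fields = [int(hdr[6 + 8 * i:14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = image[pos + HDR_LEN:pos + HDR_LEN + namesize - 1]
        pos = align4(pos + HDR_LEN + namesize)  # past header and name
        pos = align4(pos + filesize)            # past file data
        if name == b"TRAILER!!!":
            break
    # Padding after the trailer is all zero bytes; its length is not assumed.
    while pos < len(image) and image[pos] == 0:
        pos += 1
    return pos

def newc_entry(name, data=b"", mode=0o100644):
    """Build one newc entry (used only to construct the sample below)."""
    name += b"\0"
    fields = [0, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name), 0]
    out = b"070701" + b"".join(b"%08X" % f for f in fields) + name
    out += b"\0" * (-len(out) % 4) + data
    return out + b"\0" * (-len(out) % 4)

def build_sample():
    """Constructed image: early uncompressed cpio, zero padding, gzip'd cpio."""
    early = newc_entry(b"kernel/x86/microcode/GenuineIntel.bin", b"\x01" * 37)
    early += newc_entry(b"TRAILER!!!", mode=0)
    early += b"\0" * (-len(early) % 512)   # pad to a 512-byte block
    main = newc_entry(b"init", b"#!/bin/sh\n") + newc_entry(b"TRAILER!!!", mode=0)
    return early + gzip.compress(main), len(early)

if __name__ == "__main__":
    image, _ = build_sample()
    off = next_segment_offset(image)
    print("next segment at %#x, magic %s" % (off, image[off:off + 2].hex()))
```
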

