From jh@pc-21490.bc.rogers.wave.ca  Thu Oct 23 23:53:01 1997
Received: from pc-21490.bc.rogers.wave.ca (pc-21490.bc.rogers.wave.ca [24.113.51.240])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA27963
          for <FreeBSD-gnats-submit@freebsd.org>; Thu, 23 Oct 1997 23:53:00 -0700 (PDT)
          (envelope-from jh@pc-21490.bc.rogers.wave.ca)
Received: (from jh@localhost)
	by pc-21490.bc.rogers.wave.ca (8.8.7/8.8.7) id XAA01041;
	Thu, 23 Oct 1997 23:52:28 -0700 (PDT)
Message-Id: <199710240652.XAA01041@pc-21490.bc.rogers.wave.ca>
Date: Thu, 23 Oct 1997 23:52:28 -0700 (PDT)
From: pangolin@rogers.wave.ca
Reply-To: pangolin@rogers.wave.ca
To: FreeBSD-gnats-submit@freebsd.org
Subject: fsck dumps core when it can't read super block
X-Send-Pr-Version: 3.2

>Number:         4840
>Category:       bin
>Synopsis:       fsck dumps core when it can't read super block
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Oct 24 00:00:01 PDT 1997
>Closed-Date:    Sat Dec 20 13:37:18 PST 1997
>Last-Modified:  Sat Dec 20 13:37:49 PST 1997
>Originator:     Jonathan Hanna
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
>Environment:

FreeBSD 3.0-CURRENT
FreeBSD 2.2-STABLE is OK

>Description:

fsck in 3.0-CURRENT dumps core after dereferencing an uninitialized
super block data structure. It seems the setup() routine now returns more
than a boolean. That is handled by a case statement with a suspicious
fall through.

>How-To-Repeat:

#
# as non-root
#
bash-2.01$ fsck
Can't open /dev/rwd1a: Permission denied
Segmentation fault (core dumped)

>Fix:

Possible patch. I do not know what the purpose of the fall through is.
Exit code meaning is also unknown.

--- main.c.orig Thu Oct 23 23:14:50 1997
+++ main.c      Thu Oct 23 23:23:12 1997
@@ -195,7 +195,8 @@
        case 0:
                if (preen)
                        pfatal("CAN'T CHECK FILE SYSTEM.");
-               /* fall through */
+               /* don't fall through */
+               return(1);
        case -1:
                pwarn("clean, %ld free ", sblock.fs_cstotal.cs_nffree +
                        sblock.fs_frag * sblock.fs_cstotal.cs_nbfree);
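
Review bot: The added return(1) in case 0 carries no explanation of what the value 1 means to the caller, and the replacement comment "don't fall through" records only what the code no longer does. Say why instead: the case -1 branch below reads sblock.fs_cstotal and sblock.fs_frag, which must not be touched on the path where the file system could not be checked. Also note that when preen is not set this path now returns without printing anything, so confirm the caller reports the failure, and write the statement as "return (1);" to match the spacing used for return elsewhere in this thread.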

>Release-Note:
>Audit-Trail:

From: Bruce Evans <bde@zeta.org.au>
To: FreeBSD-gnats-submit@FreeBSD.ORG, pangolin@rogers.wave.ca
Cc:
Subject: Re: bin/4840: fsck dumps core when it can't read super block
Date: Fri, 24 Oct 1997 20:16:11 +1000

 >fsck in 3.0-CURRENT dumps core after dereferencing an uninitialized
 >super block data structure. It seems the setup() routine now returns more
 >than a boolean. That is handled by a case statement with a suspicious
 >fall through.
 >
 >>How-To-Repeat:
 >
 >#
 ># as non-root
 >#
 >bash-2.01$ fsck
 >Can't open /dev/rwd1a: Permission denied
 >Segmentation fault (core dumped)
 
 It also dumps core for attempting to evaluate 0.0/0 when it gets a little
 further (e.g., for an empty partition).
 
 >>Fix:
 >
 >Possible patch. I do not know what the purpose of the fall through is.
 
 It is just to avoid repeating `return (0)' in the Lite2 version.  It is
 just the result of a bad merge in the current version.
 
 >Exit code meaning is also unknown.
 
 Returning 1 may be better, but fsck seems to want to exit with status 0
 after certain errors.  For `fsck /dev/something', the change has no
 effect since fsck always exits with status 0 in that case.  For `fsck'
 with no device args, returning 1 ensures that fsck exits with a nonzero
 status after checking all the file systems in /etc/fstab.
 
 Bruce
State-Changed-From-To: open->closed 
State-Changed-By: bde 
State-Changed-When: Sat Dec 20 13:37:18 PST 1997 
State-Changed-Why:  
Fixed in rev.1.11 of fsck/main.c. 
>Unformatted:
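
A small model of the fall-through discussed in this report, added here as an example; it is not the fsck source. The names setup_model, checkfilesys_model and run_all, the three device labels, and the OR-ing of per-file-system results into the exit status are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for fsck's super block state, not the real structures. */
static struct { long nffree, nbfree, frag; } sblock;
static int sblock_valid, stale_reads;   /* stale_reads: uses of sblock while invalid */

/* Models setup(): 1 = check it, 0 = cannot read super block, -1 = clean, skip. */
static int setup_model(const char *dev) {
    sblock_valid = 0;
    if (strcmp(dev, "unreadable") == 0)
        return 0;                       /* sblock is left untouched on this path */
    sblock.nffree = 8; sblock.nbfree = 100; sblock.frag = 8;
    sblock_valid = 1;
    return strcmp(dev, "clean") == 0 ? -1 : 1;
}

static long free_frags(void) {
    if (!sblock_valid)
        stale_reads++;                  /* the real fsck used garbage at this point */
    return sblock.nffree + sblock.frag * sblock.nbfree;
}

/* fixed != 0 applies the report's change: return 1 instead of falling through. */
static int checkfilesys_model(const char *dev, int fixed) {
    switch (setup_model(dev)) {
    case 0:
        if (fixed)
            return 1;
        /* FALLTHROUGH - models the bad merge */
    case -1:
        printf("%s: clean, %ld free\n", dev, free_frags());
        return 0;
    }
    return 0;                           /* setup returned 1: full check would run */
}

/* Models plain `fsck`: visit every file system, OR results into the exit status. */
static int run_all(int fixed) {
    const char *devs[] = { "clean", "unreadable", "dirty" };  /* constructed labels */
    int status = 0;
    stale_reads = 0;
    for (int i = 0; i < 3; i++)
        status |= checkfilesys_model(devs[i], fixed);
    return status;
}

int main(void) {
    return run_all(0) == 0 && stale_reads == 1 && run_all(1) == 1 ? 0 : 1;
}
```

With the fall-through, the unreadable device is reported as clean using whatever the previous file system left in sblock and the run exits 0; with the early return, nothing stale is read and the run exits nonzero.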
