Date: Fri, 20 Dec 2013 23:20:00 GMT From: Jilles Tjoelker <jilles@stack.nl> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/184950: swapon aborts on gdbe device Message-ID: <201312202320.rBKNK0tT080587@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/184950; it has been noted by GNATS.
From: Jilles Tjoelker <jilles@stack.nl>
To: bug-followup@FreeBSD.org, hsn@sendmail.cz
Cc:
Subject: Re: bin/184950: swapon aborts on gdbe device
Date: Sat, 21 Dec 2013 00:11:18 +0100
In PR bin/184950, you wrote:
> i have system configured for encrypted swap gdbe_swap_enabled=YES
> in fstab
> /dev/ada0s1b.bde none swap sw 0 0
> in backtrace:
> function swap_on_off() fails at 0x0804a756 which triggers stack
> checking routines from libc __stack_chk_fail() printing stack
> underflow
This bug is probably not that conspicuous because most people use geli
instead of gbde for disk encryption.
I looked at the code anyway, and I think the compiler and the buffer
overflow detector are perfectly right. On platforms where char is signed
(i.e. most, with the notable exception of arm), the sprintf() call in
swap_on_off_gbde() may write 9 instead of the expected 3 bytes. There is
a probability of 12.5% that the last 3 chars are all non-negative and
therefore no buffer overflow occurs.
The below patch should fix it. I have only tested that it compiles.
Index: sbin/swapon/swapon.c
===================================================================
--- sbin/swapon/swapon.c (revision 259508)
+++ sbin/swapon/swapon.c (working copy)
@@ -266,7 +266,8 @@ static const char *
swap_on_off_gbde(const char *name, int doingall)
{
const char *ret;
- char pass[64 * 2 + 1], bpass[64];
+ char pass[64 * 2 + 1];
+ unsigned char bpass[64];
char *dname;
int i, error;
--
Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312202320.rBKNK0tT080587>