Date: Tue, 22 Sep 2020 20:02:24 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 249533] fsck_msdosfs: Integer overflow in checksize() for files close to 4GiB in size on 32-bit platform Message-ID: <bug-249533-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249533 Bug ID: 249533 Summary: fsck_msdosfs: Integer overflow in checksize() for files close to 4GiB in size on 32-bit platform Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: delphij@FreeBSD.org Reference: https://android-review.googlesource.com/c/platform/external/fsck_msdos/+/1428461 In checksize(), the physicalSize is represented in size_t, which is 32-bit on 32-bit platforms. When the file size is within (4GiB-cluster size..4GiB) range, the count of cluster * cluster size would be exactly 4 GiB, which will wrap to 0 and cause the file to be errornously truncated. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-249533-227>