Date: Sun, 6 Oct 2002 01:40:26 +0100
From: Brian Somers
To: Bruce Evans
Cc: brian@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern subr_disk.c

On Sun, 6 Oct 2002 00:15:37 +1000 (EST), Bruce Evans wrote:
> On Sat, 5 Oct 2002, Brian Somers wrote:
>
> > brian 2002/10/05 04:24:22 PDT
> >
> > Modified files:
> >   sys/kern subr_disk.c
> > Log:
> >   If dsgetlabel() returns a label with a size of zero in diskdumpconf(),
> >   treat it as an invalid partition.
> >
> >   This fixes a bug where ``dumpon '' will configure the dump
> >   device at a random offset on the disk if isn't a valid
> >   partition.
>
> This seems to only unbreak the case where the partition size is 0. At
> least the i386 dumpsys() has no bounds checking at the partition level.
> It clobbers sectors outside of the partition starting at the non-random
> offset dumplo given by:
>
>     dumplo = di->mediaoffset + di->mediasize - Maxmem * (off_t)PAGE_SIZE;
>     dumplo -= sizeof kdh * 2;
>
> except in the following cases:
> - if di_mediasize is actually large enough to hold the data
>   (di_mediasize >= Maxmem * (off_t)PAGE_SIZE + sizeof(kdh) * 2 +
>   )
> - if di_mediasize is 0 (or just small), then dumplo is negative and the
>   disk driver's or hardware's bounds checking (of physical sector numbers)
>   should prevent problems.
>
> Bruce

I'm not sure what ``space for metadata'' is for.
The attached patch seems to get the answer right here on i386, although I can't vouch for ia64 or sparc64 working correctly (their dumpsys() seems different).

Do you think I should commit this ?

-- 
Brian
Don't _EVER_ lose your sense of humour !

Index: subr_disk.c =================================================================== RCS file: /home/ncvs/src/sys/kern/subr_disk.c,v retrieving revision 1.61 diff -u -r1.61 subr_disk.c --- subr_disk.c 5 Oct 2002 16:35:31 -0000 1.61 +++ subr_disk.c 6 Oct 2002 00:31:43 -0000 @@ -20,6 +20,7 @@ #include #include #include +#include #ifdef NO_GEOM #include #include @@ -222,6 +223,9 @@ di.mediasize = (off_t)(dl->d_partitions[dkpart(dev)].p_size) * DEV_BSIZE; if (di.mediasize == 0) + return (EINVAL); + if (di.mediasize < Maxmem * (off_t)PAGE_SIZE + + sizeof(struct kerneldumpheader) * 2) return (EINVAL); return(set_dumper(&di)); }
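
Review bot: In the second hunk, the new minimum-size comparison in diskdumpconf() hard-codes the layout used by the i386 dumpsys() (Maxmem pages plus two kernel dump headers, matching the dumplo computation quoted earlier in the message) inside machine-independent sys/kern code, and the message itself says the ia64 and sparc64 dumpsys() look different. A comment stating where the bound comes from, or keeping the size requirement next to each platform's dumpsys(), would stop the check and the dump code from drifting apart. The existing `if (di.mediasize == 0)` test is covered by the new comparison whenever Maxmem is non-zero, so the two could be folded into a single check. The comparison also mixes the signed off_t product with the unsigned sizeof term; casting `sizeof(struct kerneldumpheader) * 2` to off_t would keep the whole expression signed.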