Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 8 Oct 2021 06:10:23 GMT
From:      Kyle Evans <kevans@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 72004aae0c33 - stable/12 - Nuke out buffer overflow safety marker code.
Message-ID:  <202110080610.1986ANNX006645@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=72004aae0c335e6cb51923d6b80b372fca0f66e8

commit 72004aae0c335e6cb51923d6b80b372fca0f66e8
Author:     Maxim Sobolev <sobomax@FreeBSD.org>
AuthorDate: 2018-11-23 22:36:56 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2021-10-08 02:40:36 +0000

    Nuke out buffer overflow safety marker code.
    
    It duplicates similar code in the malloc()/free() as well as having
    potential of softening the handling in case error is detected down to a
    mere warning as compared to hard panic in free().
    
    (cherry picked from commit 6c81fe160cb922d35cc740e2fa8be1a9467d139f)
---
 stand/common/bcache.c | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

diff --git a/stand/common/bcache.c b/stand/common/bcache.c
index bd83b1427693..a020f3c3c53c 100644
--- a/stand/common/bcache.c
+++ b/stand/common/bcache.c
@@ -86,7 +86,6 @@ static u_int bcache_rablks;
 	((bc)->bcache_ctl[BHASH((bc), (blkno))].bc_blkno != (blkno))
 #define	BCACHE_READAHEAD	256
 #define	BCACHE_MINREADAHEAD	32
-#define	BCACHE_MARKER		0xdeadbeef
 
 static void	bcache_invalidate(struct bcache *bc, daddr_t blkno);
 static void	bcache_insert(struct bcache *bc, daddr_t blkno);
@@ -123,7 +122,6 @@ bcache_allocate(void)
     u_int i;
     struct bcache *bc = malloc(sizeof (struct bcache));
     int disks = bcache_numdev;
-    uint32_t *marker;
 
     if (disks == 0)
 	disks = 1;	/* safe guard */
@@ -142,8 +140,7 @@ bcache_allocate(void)
 
     bc->bcache_nblks = bcache_total_nblks >> i;
     bcache_unit_nblks = bc->bcache_nblks;
-    bc->bcache_data = malloc(bc->bcache_nblks * bcache_blksize +
-	sizeof(uint32_t));
+    bc->bcache_data = malloc(bc->bcache_nblks * bcache_blksize);
     if (bc->bcache_data == NULL) {
 	/* dont error out yet. fall back to 32 blocks and try again */
 	bc->bcache_nblks = 32;
@@ -158,9 +155,6 @@ bcache_allocate(void)
 	errno = ENOMEM;
 	return (NULL);
     }
-    /* Insert cache end marker. */
-    marker = (uint32_t *)(bc->bcache_data + bc->bcache_nblks * bcache_blksize);
-    *marker = BCACHE_MARKER;
 
     /* Flush the cache */
     for (i = 0; i < bc->bcache_nblks; i++) {
@@ -222,15 +216,12 @@ read_strategy(void *devdata, int rw, daddr_t blk, size_t size,
     int				result;
     daddr_t			p_blk;
     caddr_t			p_buf;
-    uint32_t			*marker;
 
     if (bc == NULL) {
 	errno = ENODEV;
 	return (-1);
     }
 
-    marker = (uint32_t *)(bc->bcache_data + bc->bcache_nblks * bcache_blksize);
-
     if (rsize != NULL)
 	*rsize = 0;
 
@@ -350,12 +341,6 @@ read_strategy(void *devdata, int rw, daddr_t blk, size_t size,
 	result = 0;
     }
 
-    if (*marker != BCACHE_MARKER) {
-	printf("BUG: bcache corruption detected: nblks: %zu p_blk: %lu, "
-	    "p_size: %zu, ra: %zu\n", bc->bcache_nblks,
-	    (long unsigned)BHASH(bc, p_blk), p_size, ra);
-    }
-
  done:
     if ((result == 0) && (rsize != NULL))
 	*rsize = size;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110080610.1986ANNX006645>