Date: Mon, 31 Jul 2023 22:56:45 GMT From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: fa3cf6cdc68c - main - cd9660: do not leak buffers in cd9660_rrip_loop() Message-ID: <202307312256.36VMujAC006651@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=fa3cf6cdc68cb6d6f2c440f2653258d68eae1015 commit fa3cf6cdc68cb6d6f2c440f2653258d68eae1015 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-07-31 22:55:13 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-07-31 22:55:13 +0000 cd9660: do not leak buffers in cd9660_rrip_loop() Reported by: Robert Morris <rtm@lcs.mit.edu> PR: 272856 Sponsored by: The FreeBSD Foundation MFC after: 1 week --- sys/fs/cd9660/cd9660_rrip.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/sys/fs/cd9660/cd9660_rrip.c b/sys/fs/cd9660/cd9660_rrip.c index 26a09f9be383..21b176a3f0f6 100644 --- a/sys/fs/cd9660/cd9660_rrip.c +++ b/sys/fs/cd9660/cd9660_rrip.c @@ -520,12 +520,18 @@ cd9660_rrip_loop(struct iso_directory_record *isodir, ISO_RRIP_ANALYZE *ana, } if (ana->fields && ana->iso_ce_len) { - if (ana->iso_ce_blk >= ana->imp->volume_space_size - || ana->iso_ce_off + ana->iso_ce_len > ana->imp->logical_block_size - || bread(ana->imp->im_devvp, - ana->iso_ce_blk << - (ana->imp->im_bshift - DEV_BSHIFT), - ana->imp->logical_block_size, NOCRED, &bp)) + if (ana->iso_ce_blk >= ana->imp->volume_space_size || + ana->iso_ce_off + ana->iso_ce_len > + ana->imp->logical_block_size) + break; + if (bp != NULL) { + brelse(bp); + bp = NULL; + } + if (bread(ana->imp->im_devvp, + ana->iso_ce_blk << + (ana->imp->im_bshift - DEV_BSHIFT), + ana->imp->logical_block_size, NOCRED, &bp) != 0) /* what to do now? */ break; phead = (ISO_SUSP_HEADER *)(bp->b_data + ana->iso_ce_off);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202307312256.36VMujAC006651>