Date: Mon, 16 May 2022 20:18:50 +0000 From: bugzilla-noreply@freebsd.org To: fs@FreeBSD.org Subject: [Bug 263811] ffs(4): Disk with garbage can cause crash in taste ffs crc32 code: panic: g_read_data(): invalid length -268744963 Message-ID: <bug-263811-3630-8ami0LRoMu@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-263811-3630@https.bugs.freebsd.org/bugzilla/> References: <bug-263811-3630@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263811 --- Comment #4 from Kirk McKusick <mckusick@FreeBSD.org> --- (In reply to Robert Morris from comment #3) Right. The lower bound test should be fs->fs_sbsize < fs->fs_fsize since a zero-length superblock size would be wrong. I am working on some other feedback about problems that the checks cause. I will do an update to the patch when I have figured them out. Thanks for your help in identifying and fixing these vulnerabilities. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-263811-3630-8ami0LRoMu>