Date: Tue, 8 Jan 2019 09:04:27 +0000 (UTC) From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r342857 - head/sys/kern Message-ID: <201901080904.x0894R13041295@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tuexen Date: Tue Jan 8 09:04:27 2019 New Revision: 342857 URL: https://svnweb.freebsd.org/changeset/base/342857 Log: Avoid overfow in vtruncbuf() Using daddr_t instead of int avoids trunclbn to become negative when it shouldn't. This isssue was found by running syzkaller. Reviewed by: mckusick, kib, markj MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D18763 Modified: head/sys/kern/vfs_subr.c Modified: head/sys/kern/vfs_subr.c ============================================================================== --- head/sys/kern/vfs_subr.c Tue Jan 8 05:41:04 2019 (r342856) +++ head/sys/kern/vfs_subr.c Tue Jan 8 09:04:27 2019 (r342857) @@ -1858,7 +1858,7 @@ vtruncbuf(struct vnode *vp, struct ucred *cred, off_t { struct buf *bp, *nbp; int anyfreed; - int trunclbn; + daddr_t trunclbn; struct bufobj *bo; CTR5(KTR_VFS, "%s: vp %p with cred %p and block %d:%ju", __func__,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201901080904.x0894R13041295>