FreeBSD Mail Archives

Date:      Tue, 8 Jan 2019 09:04:27 +0000 (UTC)
From:      Michael Tuexen <tuexen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r342857 - head/sys/kern
Message-ID:  <201901080904.x0894R13041295@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help

Author: tuexen
Date: Tue Jan  8 09:04:27 2019
New Revision: 342857
URL: https://svnweb.freebsd.org/changeset/base/342857

Log:
  Avoid overfow in vtruncbuf()
  
  Using daddr_t instead of int avoids trunclbn to become negative when it
  shouldn't.
  This isssue was found by running syzkaller.
  
  Reviewed by:		mckusick, kib, markj
  MFC after:		1 week
  Differential Revision:	https://reviews.freebsd.org/D18763

Modified:
  head/sys/kern/vfs_subr.c

Modified: head/sys/kern/vfs_subr.c
==============================================================================
--- head/sys/kern/vfs_subr.c	Tue Jan  8 05:41:04 2019	(r342856)
+++ head/sys/kern/vfs_subr.c	Tue Jan  8 09:04:27 2019	(r342857)
@@ -1858,7 +1858,7 @@ vtruncbuf(struct vnode *vp, struct ucred *cred, off_t 
 {
 	struct buf *bp, *nbp;
 	int anyfreed;
-	int trunclbn;
+	daddr_t trunclbn;
 	struct bufobj *bo;
 
 	CTR5(KTR_VFS, "%s: vp %p with cred %p and block %d:%ju", __func__,

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201901080904.x0894R13041295>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation