Date: Thu, 13 Apr 2017 16:14:19 +0000
From: Brooks Davis <brooks@freebsd.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r316766 - head/lib/libutil
Message-ID: <20170413161419.GC95141@spindle.one-eyed-alien.net>
In-Reply-To: <201704131549.v3DFnXNa003990@repo.freebsd.org>
References: <201704131549.v3DFnXNa003990@repo.freebsd.org>

On Thu, Apr 13, 2017 at 03:49:33PM +0000, Brooks Davis wrote:
> Author: brooks
> Date: Thu Apr 13 15:49:32 2017
> New Revision: 316766
> URL: https://svnweb.freebsd.org/changeset/base/316766
>
> Log:
>   Correct an out of bounds read with HN_AUTOSCALE and very large numbers.
>
>   The maximum scale is 6 (K, M, G, T, P, E) (B is 0).
>
>   Overly large explicit scales were checked correctly, but for sufficiently
>   large numbers HN_AUTOSCALE would get to 7 resulting in an out of bounds
>   read.
>
>   Found with humanize_number_test and CHERI bounds checking.

IMO the real cause of this off-by-one error is the failure to use a
proper array of prefixes.  FreeBSD makes the case worse than the NetBSD
code we started from by adding Ki, Mi, etc. so the prefix strings are
all three characters per suffix, making the code unreadable.

-- Brooks
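
The off-by-one described in the message, as an added example that is not part of the original e-mail and is not libutil's code: a one-entry-per-scale prefix table whose size bounds the autoscale loop. All names (`scale_prefix`, `autoscale_steps`, `autoscale_index`, `prefix_for`) and the `limit`/`divisor` parameters are hypothetical; it assumes `limit >= 1` and `divisor >= 2`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Index 0 is "B"; 1..6 are K, M, G, T, P, E, as listed in the commit log. */
static const char *const scale_prefix[] = { "B", "K", "M", "G", "T", "P", "E" };
#define MAX_SCALE ((int)(sizeof(scale_prefix) / sizeof(scale_prefix[0])) - 1)

/* Unbounded step count: divide until value < limit. Nothing ties the result
 * to the table size, so this only returns the index and never reads the table. */
static int autoscale_steps(uint64_t value, uint64_t limit, uint64_t divisor)
{
    int scale = 0;
    while (value >= limit) {
        value /= divisor;
        scale++;
    }
    return scale;
}

/* Bounded autoscale: the loop cannot step past the last table entry. */
static int autoscale_index(uint64_t value, uint64_t limit, uint64_t divisor)
{
    int scale = 0;
    while (value >= limit && scale < MAX_SCALE) {
        value /= divisor;
        scale++;
    }
    return scale;
}

/* Checked lookup: an out-of-range index yields NULL instead of a stray read. */
static const char *prefix_for(int scale)
{
    if (scale < 0 || scale > MAX_SCALE)
        return NULL;
    return scale_prefix[scale];
}

int main(void)
{
    /* Constructed input: largest 64-bit value, one digit of room (limit 10). */
    int raw = autoscale_steps(UINT64_MAX, 10, 1000);
    int ok = autoscale_index(UINT64_MAX, 10, 1000);
    printf("unbounded scale %d (valid: %s), bounded scale %d (%s)\n",
        raw, prefix_for(raw) ? "yes" : "no", ok, prefix_for(ok));
    return 0;
}
```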