Date: Thu, 2 May 2002 16:30:03 -0700 (PDT)
From: Bruce Evans <bde@zeta.org.au>
To: freebsd-bugs@FreeBSD.org
Subject: Re: kern/37677: off by 1 in $FreeBSD: src/sys/kern/subr_diskslice.c,v 1.82.2.6
Message-ID: <200205022330.g42NU3s37620@freefall.freebsd.org>

The following reply was made to PR kern/37677; it has been noted by GNATS.

From: Bruce Evans <bde@zeta.org.au>
To: Scott Bertilson <scott@nts.umn.edu>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/37677: off by 1 in $FreeBSD: src/sys/kern/subr_diskslice.c,v 1.82.2.6
Date: Fri, 3 May 2002 09:26:37 +1000 (EST)

On Thu, 2 May 2002, Scott Bertilson wrote:

> >Description:
> line 916:
>     || pp->p_offset + pp->p_size > end
> offset + size should always be 1 more than end

No; p_offset + p_size is the sector after the last one in the partition,
and it must be <= 'end' (which is the sector after the last one in the
slice). The above checks the negation of
`(pp->p_offset + pp->p_size) <= end'.

> >How-To-Repeat:
> ran into this while trying to get a drive with OpenBSD partitions to mount

This seems to be a bug in the configuration of the OpenBSD partitions.

> >Fix:
>
>     || (pp->p_offset + pp->p_size - 1) > end
> as at line 948
>     (u_long)(pp->p_offset + pp->p_size - 1),

No; this would introduce an off-by-1 error; it would permit partitions
to extend 1 beyond the end of the slice.

Line 948 is at best confusing. It really prints the sector number of
the last sector but calls it the end sector. But internally, the "end"
sector is always the one after the last. Line 948 is just wrong for
empty partitions. The "end" (really last) sector is then one before
the start. E.g., start = 0, "end" = 4294967295.

Bruce

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
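
The bounds convention discussed in the reply above, as an added example that is not part of the original message or of the FreeBSD source. The struct, the function names, the 32-bit field width and the sample slice are assumptions made for illustration; only the two conditions and the line 948 expression come from the thread.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the two partition fields named in the mail;
 * 32-bit fields are an assumption, matching the 4294967295 in the reply. */
struct part {
    uint32_t p_offset;   /* first sector of the partition */
    uint32_t p_size;     /* number of sectors in the partition */
};

/* Check as quoted from line 916: 'end' is the sector AFTER the last one
 * in the slice, and p_offset + p_size is the sector AFTER the last one in
 * the partition, so the partition fits when p_offset + p_size <= end. */
int fits_current(const struct part *pp, uint32_t end)
{
    return !(pp->p_offset + pp->p_size > end);
}

/* Check proposed in the PR: subtracting 1 compares the LAST sector of the
 * partition against the sector AFTER the slice, which is one too lenient. */
int fits_proposed(const struct part *pp, uint32_t end)
{
    return !((pp->p_offset + pp->p_size - 1) > end);
}

/* Value line 948 labels "end": really the last sector number, which wraps
 * below zero when the partition is empty and starts at sector 0. */
uint32_t printed_last(const struct part *pp)
{
    return pp->p_offset + pp->p_size - 1;
}

int main(void)
{
    /* Constructed sample: a slice holding sectors 0..99, so end = 100. */
    const uint32_t end = 100;
    const struct part exact = { 0, 100 }, over = { 0, 101 }, empty = { 0, 0 };

    printf("exact fit : current=%d proposed=%d\n",
           fits_current(&exact, end), fits_proposed(&exact, end));
    printf("1 too long: current=%d proposed=%d\n",
           fits_current(&over, end), fits_proposed(&over, end));
    printf("empty partition, printed \"end\" = %lu\n",
           (unsigned long)printed_last(&empty));
    return 0;
}
```

The partition that is one sector too long is rejected by the existing condition and accepted by the proposed one, which is the off-by-1 the reply warns about.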