Paths

Table of Contentst

Avoid overflow in vtruncbuf()
ClosedPublic
Actions

Authored by tuexen on Jan 6 2019, 9:33 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Nov 21, 12:49 AM

	Unknown Object (File)
	Thu, Nov 20, 9:03 PM

	Unknown Object (File)
	Thu, Nov 20, 9:02 PM

	Unknown Object (File)
	Thu, Nov 20, 9:02 PM

	Unknown Object (File)
	Thu, Nov 20, 8:54 PM

	Unknown Object (File)
	Wed, Nov 19, 6:12 AM

	Unknown Object (File)
	Sun, Nov 16, 2:23 AM

	Unknown Object (File)
	Nov 11 2025, 7:58 PM

View All 84 Files

Subscribers

imp

Details

Reviewers

mckusick
kib
markj
jtl

Commits

rS343434: MFC r342857:
rS343433: MFC r342857:
rS342857: Avoid overfow in vtruncbuf()

Summary

When running the attached test program, the kernel panics due to trunclbn becoming negative. Therefore use a larger type (int64_t).

This issue was found by running syzkaller.

Test Plan

Run the attached test program.

repro1.c225 BDownload

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

tuexen created this revision.Jan 6 2019, 9:33 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 6 2019, 9:33 PM

Harbormaster completed remote builds in B21848: Diff 52608.Jan 6 2019, 9:33 PM

kib accepted this revision.Jan 6 2019, 9:51 PM

This revision is now accepted and ready to land.Jan 6 2019, 9:51 PM

markj accepted this revision.Jan 6 2019, 10:11 PM

mckusick accepted this revision.Jan 6 2019, 11:26 PM

Closed by commit rS342857: Avoid overfow in vtruncbuf() (authored by tuexen). · Explain WhyJan 8 2019, 9:04 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

vfs_subr.c

2 lines

Diff 52666

View Options

Avoid overflow in vtruncbuf()ClosedPublicActions