Paths

Table of Contentst

Avoid overflow in vtruncbuf()
ClosedPublic
Actions

Authored by tuexen on Jan 6 2019, 9:33 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sat, Jan 25, 10:57 PM

	Unknown Object (File)
	Fri, Jan 24, 5:27 PM

	Unknown Object (File)
	Wed, Jan 22, 11:16 AM

	Unknown Object (File)
	Sun, Jan 19, 11:54 AM

	Unknown Object (File)
	Sat, Jan 18, 10:18 PM

	Unknown Object (File)
	Sat, Jan 18, 7:46 AM

	Unknown Object (File)
	Fri, Jan 10, 1:02 AM

	Unknown Object (File)
	Nov 29 2024, 5:12 PM

View All 46 Files

Subscribers

imp

Details

Reviewers

mckusick
kib
markj
jtl

Commits

rS343434: MFC r342857:
rS343433: MFC r342857:
rS342857: Avoid overfow in vtruncbuf()

Summary

When running the attached test program, the kernel panics due to trunclbn becoming negative. Therefore use a larger type (int64_t).

This issue was found by running syzkaller.

Test Plan

Run the attached test program.

repro1.c225 BDownload

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

tuexen created this revision.Jan 6 2019, 9:33 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 6 2019, 9:33 PM

Harbormaster completed remote builds in B21848: Diff 52608.Jan 6 2019, 9:33 PM

kib accepted this revision.Jan 6 2019, 9:51 PM

This revision is now accepted and ready to land.Jan 6 2019, 9:51 PM

markj accepted this revision.Jan 6 2019, 10:11 PM

mckusick accepted this revision.Jan 6 2019, 11:26 PM

Closed by commit rS342857: Avoid overfow in vtruncbuf() (authored by tuexen). · Explain WhyJan 8 2019, 9:04 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

vfs_subr.c

2 lines

Diff 52666

View Options

Avoid overflow in vtruncbuf()ClosedPublicActions