Paths

Table of Contentst

Avoid overflow in vtruncbuf()
ClosedPublic
Actions

Authored by tuexen on Jan 6 2019, 9:33 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sun, Oct 5, 1:05 AM

	Unknown Object (File)
	Tue, Sep 23, 9:37 PM

	Unknown Object (File)
	Sat, Sep 20, 7:50 PM

	Unknown Object (File)
	Wed, Sep 17, 9:11 PM

	Unknown Object (File)
	Wed, Sep 17, 4:08 AM

	Unknown Object (File)
	Sat, Sep 13, 7:36 PM

	Unknown Object (File)
	Aug 20 2025, 4:01 AM

	Unknown Object (File)
	Aug 2 2025, 5:42 PM

View All 69 Files

Subscribers

imp

Details

Reviewers

mckusick
kib
markj
jtl

Commits

rS343434: MFC r342857:
rS343433: MFC r342857:
rS342857: Avoid overfow in vtruncbuf()

Summary

When running the attached test program, the kernel panics due to trunclbn becoming negative. Therefore use a larger type (int64_t).

This issue was found by running syzkaller.

Test Plan

Run the attached test program.

repro1.c225 BDownload

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

tuexen created this revision.Jan 6 2019, 9:33 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 6 2019, 9:33 PM

Harbormaster completed remote builds in B21848: Diff 52608.Jan 6 2019, 9:33 PM

kib accepted this revision.Jan 6 2019, 9:51 PM

This revision is now accepted and ready to land.Jan 6 2019, 9:51 PM

markj accepted this revision.Jan 6 2019, 10:11 PM

mckusick accepted this revision.Jan 6 2019, 11:26 PM

Closed by commit rS342857: Avoid overfow in vtruncbuf() (authored by tuexen). · Explain WhyJan 8 2019, 9:04 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

vfs_subr.c

2 lines

Diff 52666

View Options

Avoid overflow in vtruncbuf()ClosedPublicActions