Paths

Table of Contentst

Avoid overflow in vtruncbuf()
ClosedPublic
Actions

Authored by tuexen on Jan 6 2019, 9:33 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Wed, May 13, 12:06 AM

	Unknown Object (File)
	Mon, May 11, 7:01 AM

	Unknown Object (File)
	Mon, May 11, 4:41 AM

	Unknown Object (File)
	Mon, May 11, 4:27 AM

	Unknown Object (File)
	Fri, May 8, 9:03 AM

	Unknown Object (File)
	Mon, Apr 27, 9:32 PM

	Unknown Object (File)
	Mon, Apr 27, 2:27 PM

	Unknown Object (File)
	Sat, Apr 25, 5:14 PM

View All Files

Subscribers

imp

Details

Reviewers

mckusick
kib
markj
jtl

Commits

rS343434: MFC r342857:
rS343433: MFC r342857:
rS342857: Avoid overfow in vtruncbuf()

Summary

When running the attached test program, the kernel panics due to trunclbn becoming negative. Therefore use a larger type (int64_t).

This issue was found by running syzkaller.

Test Plan

Run the attached test program.

repro1.c225 BDownload

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

tuexen created this revision.Jan 6 2019, 9:33 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 6 2019, 9:33 PM

Harbormaster completed remote builds in B21848: Diff 52608.Jan 6 2019, 9:33 PM

kib accepted this revision.Jan 6 2019, 9:51 PM

This revision is now accepted and ready to land.Jan 6 2019, 9:51 PM

markj accepted this revision.Jan 6 2019, 10:11 PM

mckusick accepted this revision.Jan 6 2019, 11:26 PM

Closed by commit rS342857: Avoid overfow in vtruncbuf() (authored by tuexen). · Explain WhyJan 8 2019, 9:04 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

vfs_subr.c

2 lines

Diff 52666

View Options

Avoid overflow in vtruncbuf()ClosedPublicActions