Page MenuHomeFreeBSD

Still a memory corruption bug in vdev_read in loader ZFS support
ClosedPublic

Authored by pkelsey on Feb 17 2019, 4:16 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 13, 1:38 AM
Unknown Object (File)
Thu, Oct 9, 3:25 PM
Unknown Object (File)
Tue, Oct 7, 11:19 PM
Unknown Object (File)
Sat, Oct 4, 4:35 PM
Unknown Object (File)
Wed, Oct 1, 6:40 PM
Unknown Object (File)
Thu, Sep 25, 4:11 AM
Unknown Object (File)
Thu, Sep 18, 10:18 PM
Unknown Object (File)
Sep 13 2025, 5:23 AM
Subscribers

Details

Summary

D19140 didn't quite expunge the memory corruption bug in vdev_read() in zfs.c. In that fix, the single-sector case with non-zero tail would overrun the output buffer by the tail size.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This revision is now accepted and ready to land.Feb 17 2019, 7:02 AM
pkelsey retitled this revision from Still a memory corruption bug in vdev_readin loader ZFS support to Still a memory corruption bug in vdev_read in loader ZFS support.Feb 17 2019, 4:27 PM
This revision was automatically updated to reflect the committed changes.