savecore(8): Fix buffer overrun inspecting disks with varying sector size
ClosedPublic
Actions

Authored by cem on Oct 6 2016, 2:52 AM.

Details

Reviewers

emaste
markj
ambrisko
rpokala

Commits

rS306752: savecore(8): Fix buffer overrun inspecting disks with varying sector size

Summary

A premature optimization lead to caching a native-sector sized memory
allocation. If the program examined a 512 byte sector disk, then a 4096
byte sector disk, the program would overrun the cached 512 byte buffer.

Just remove the optimization to fix the bug.

Noticed by: markj

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 5473
Build 5690: arc lint + arc unit

Event Timeline

cem updated this revision to Diff 21098.Oct 6 2016, 2:52 AM

cem retitled this revision from to savecore(8): Fix buffer overrun inspecting disks with varying sector size.

cem updated this object.

cem edited the test plan for this revision. (Show Details)

cem added reviewers: markj, rpokala, ambrisko, emaste.

'temp' is the buffer you read the header into, and also what you use to write the "cleared" header. So what's 'buf'?

In D8162#169285, @rpokala wrote:

'temp' is the buffer you read the header into, and also what you use to write the "cleared" header. So what's 'buf'?

temp is used for kernel dump metadata and is only a single sector large. buf is used for streaming dump data off the disk, and is 1MB.