
[src/trunk]: src/sbin/resize_ffs Fix the most obvious integer overflow errors...



details:   https://anonhg.NetBSD.org/src/rev/c2ff7ea9176a
branches:  trunk
changeset: 356474:c2ff7ea9176a
user:      sborrill <sborrill%NetBSD.org@localhost>
date:      Thu Sep 28 17:07:20 2017 +0000

description:
Fix the most obvious integer overflow errors which can lead to superblock
corruption. Thanks to riastradh@

For example:

# df /data
Filesystem    1K-blocks       Used      Avail %Cap Mounted on
/dev/ccd0d   -19974939099004 -19982708701532 -737868756431824584   0% /data

# dumpfs -s /dev/rccd0d
file system: /dev/rccd0d
format  FFSv2
endian  little-endian
location 65536  (-b 128)
magic   19540119        time    Thu Sep 28 13:18:10 2017
superblock location     65536   id      [ 595fa4a5 3363fe37 ]
cylgrp  dynamic inodes  FFSv2   sblock  FFSv2   fslevel 5
nbfree  242773148       ndir    211185  nifree  650798800       nffree
215448
ncg     13933   size    2647654400      blocks  -4993734774751
bsize   32768   shift   15      mask    0xffff8000
fsize   4096    shift   12      mask    0xfffff000
frag    8       shift   3       fsbtodb 3
bpg     23754   fpg     190032  ipg     46848
minfree 5%      optim   time    maxcontig 2     maxbpg  4096
symlinklen 120  contigsumsize 2
maxfilesize 0x000800800805ffff
nindir  4096    inopb   128
avgfilesize 16384       avgfpdir 64
sblkno  24      cblkno  32      iblkno  40      dblkno  2968
sbsize  4096    cgsize  32768
csaddr  35792   cssize  225280
cgrotor 0       fmod    0       ronly   0       clean   0x01
wapbl version 0x1       location 2      flags 0x0
wapbl loc0 6354693888   loc1 131072     loc2 512        loc3 3
flags   none
fsmnt   /data
volname         swuid   0

diffstat:

 sbin/resize_ffs/resize_ffs.c |  30 +++++++++++++++---------------
 1 files changed, 15 insertions(+), 15 deletions(-)

diffs (72 lines):

diff -r a26dd138e294 -r c2ff7ea9176a sbin/resize_ffs/resize_ffs.c
--- a/sbin/resize_ffs/resize_ffs.c      Thu Sep 28 16:26:14 2017 +0000
+++ b/sbin/resize_ffs/resize_ffs.c      Thu Sep 28 17:07:20 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: resize_ffs.c,v 1.47 2016/08/24 07:44:05 dholland Exp $ */
+/*     $NetBSD: resize_ffs.c,v 1.48 2017/09/28 17:07:20 sborrill Exp $ */
 /* From sources sent on February 17, 2003 */
 /*-
  * As its sole author, I explicitly place this code in the public
@@ -36,7 +36,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: resize_ffs.c,v 1.47 2016/08/24 07:44:05 dholland Exp $");
+__RCSID("$NetBSD: resize_ffs.c,v 1.48 2017/09/28 17:07:20 sborrill Exp $");
 
 #include <sys/disk.h>
 #include <sys/disklabel.h>
@@ -462,10 +462,10 @@
 initcg(int cgn)
 {
        struct cg *cg;          /* The in-core cg, of course */
-       int base;               /* Disk address of cg base */
-       int dlow;               /* Size of pre-cg data area */
-       int dhigh;              /* Offset of post-inode data area, from base */
-       int dmax;               /* Offset of end of post-inode data area */
+       int64_t base;           /* Disk address of cg base */
+       int64_t dlow;           /* Size of pre-cg data area */
+       int64_t dhigh;          /* Offset of post-inode data area, from base */
+       int64_t dmax;           /* Offset of end of post-inode data area */
        int i;                  /* Generic loop index */
        int n;                  /* Generic count */
        int start;              /* start of cg maps */
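Review bot: The four widened locals in initcg() are declared `int64_t`, which does not tie their width to whatever type the cgbase()/cgsblock()/cgdmin() macros actually evaluate to. If those macros yield `daddr_t`, as the FFS headers appear to define them, `daddr_t base;` (and likewise for the other three) would keep the variables in step with their source. The same applies to the hunks at 896, 1365 and 1781. The neighbouring `int n` and `int start` stay 32-bit and the rest of initcg() is outside the hunk, so it is worth confirming that none of the now 64-bit values is later stored into them.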
@@ -896,10 +896,10 @@
 
        newsb->fs_dsize = 0;
        for (i = 0; i < newsb->fs_ncg; i++) {
-               int dlow;       /* size of before-sb data area */
-               int dhigh;      /* offset of post-inode data area */
-               int dmax;       /* total size of cg */
-               int base;       /* base of cg, since cgsblock() etc add it in */
+               int64_t dlow;   /* size of before-sb data area */
+               int64_t dhigh;  /* offset of post-inode data area */
+               int64_t dmax;   /* total size of cg */
+               int64_t base;   /* base of cg, since cgsblock() etc add it in */
                base = cgbase(newsb, i);
                dlow = cgsblock(newsb, i) - base;
                dhigh = cgdmin(newsb, i) - base;
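Review bot: Nothing visible in this loop validates the accumulated `newsb->fs_dsize` before it is used, and the dumpfs output in the description (`blocks -4993734774751`, presumably this field) shows the result when the arithmetic goes wrong. Since the commit only claims to fix "the most obvious" overflows, a guard after the loop would make any remaining truncation abort the resize instead of writing a corrupt superblock, for example `if (newsb->fs_dsize < 0 || newsb->fs_dsize > newsb->fs_size) errx(EXIT_FAILURE, "computed fs_dsize out of range");`. The loop body continues past the end of the hunk, so the exact placement has to be checked against the full function.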
@@ -1365,7 +1365,7 @@
 static void
 evict_data(struct cg * cg, unsigned int minfrag, int nfrag)
 {
-       int base;       /* base of cg (in frags from beginning of fs) */
+       int64_t base;   /* base of cg (in frags from beginning of fs) */
 
        base = cgbase(oldsb, cg->cg_cgx);
        /* Does the boundary fall in the middle of a block?  To avoid
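Review bot: `base` is now 64-bit, but the signature just above keeps `unsigned int minfrag` and `int nfrag`. Any sum of `base` with those values that is passed to a helper taking 32-bit fragment numbers would be truncated again. The remainder of evict_data() is outside the hunk, so this cannot be confirmed from here, and the callees deserve a look. The declaration comment could also record why the width matters, e.g. `/* base of cg (in frags from beginning of fs); 64-bit, can exceed INT_MAX */`.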
@@ -1781,10 +1781,10 @@
        csum_fixup();
        /* Evict data from any cgs being wholly eliminated */
        for (i = newsb->fs_ncg; i < oldsb->fs_ncg; i++) {
-               int base;
-               int dlow;
-               int dhigh;
-               int dmax;
+               int64_t base;
+               int64_t dlow;
+               int64_t dhigh;
+               int64_t dmax;
                base = cgbase(oldsb, i);
                dlow = cgsblock(oldsb, i) - base;
                dhigh = cgdmin(oldsb, i) - base;
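Review bot: These four declarations and the `cgbase`/`cgsblock`/`cgdmin` lines under them repeat the block in the hunk at 896, differing only in `oldsb` versus `newsb`, and the copy here carries no comments on the locals. Because the fix had to be applied by hand to each copy, a small static helper taking the superblock and cg index and returning the three offsets would leave one place to get the types right. Failing that, the comments from the 896 copy could be carried over here, e.g. `int64_t base;   /* base of cg, since cgsblock() etc add it in */`. The loop body continues outside the hunk.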


