Module Name: src Committed By: maxv Date: Thu Oct 30 17:13:41 UTC 2014
Modified Files: src/sys/ufs/ffs: ffs_vfsops.c Log Message: Limit the superblock size to SBLOCKSIZE, not MAXBSIZE. Otherwise memcpy will read beyond the allocated buffer. Discussed a bit on tech-kern@. To generate a diff of this commit: cvs rdiff -u -r1.300 -r1.301 src/sys/ufs/ffs/ffs_vfsops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/ufs/ffs/ffs_vfsops.c diff -u src/sys/ufs/ffs/ffs_vfsops.c:1.300 src/sys/ufs/ffs/ffs_vfsops.c:1.301 --- src/sys/ufs/ffs/ffs_vfsops.c:1.300 Fri Oct 24 13:18:51 2014 +++ src/sys/ufs/ffs/ffs_vfsops.c Thu Oct 30 17:13:41 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_vfsops.c,v 1.300 2014/10/24 13:18:51 njoly Exp $ */ +/* $NetBSD: ffs_vfsops.c,v 1.301 2014/10/30 17:13:41 maxv Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.300 2014/10/24 13:18:51 njoly Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.301 2014/10/30 17:13:41 maxv Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -974,7 +974,7 @@ ffs_mountfs(struct vnode *devvp, struct continue; /* Validate size of superblock */ - if (sbsize > MAXBSIZE || sbsize < sizeof(struct fs)) + if (sbsize > SBLOCKSIZE || sbsize < sizeof(struct fs)) continue; /* Check that we can handle the file system blocksize */