Harmful casts in ufs

Wed, 17 Feb 2016 01:23:30 -0800 

Casting the result of ext2fs_size() and DIP(ip, size) to int potentially
truncates the result. Issue found by Stefan Kempf, see
https://marc.info/?l=openbsd-tech&m=145495905416536 .

While there I also removed the cast in the ext2fs_chmod() call, because
the function expects a mode_t argument anyway.

Comments?

natano


Index: ufs//ext2fs/ext2fs_readwrite.c
===================================================================
RCS file: /cvs/src/sys/ufs/ext2fs/ext2fs_readwrite.c,v
retrieving revision 1.37
diff -u -p -u -r1.37 ext2fs_readwrite.c
--- ufs//ext2fs/ext2fs_readwrite.c      16 Feb 2016 17:56:12 -0000      1.37
+++ ufs//ext2fs/ext2fs_readwrite.c      17 Feb 2016 09:13:59 -0000
@@ -95,7 +95,7 @@ ext2_ind_read(struct vnode *vp, struct i
                panic("%s: mode", "ext2fs_read");
 
        if (vp->v_type == VLNK) {
-               if ((int)ext2fs_size(ip) < vp->v_mount->mnt_maxsymlinklen ||
+               if (ext2fs_size(ip) < vp->v_mount->mnt_maxsymlinklen ||
                    (vp->v_mount->mnt_maxsymlinklen == 0 &&
                    ip->i_e2fs_nblock == 0))
                        panic("%s: short symlink", "ext2fs_read");
Index: ufs//ext2fs/ext2fs_vnops.c
===================================================================
RCS file: /cvs/src/sys/ufs/ext2fs/ext2fs_vnops.c,v
retrieving revision 1.74
diff -u -p -u -r1.74 ext2fs_vnops.c
--- ufs//ext2fs/ext2fs_vnops.c  16 Feb 2016 17:56:12 -0000      1.74
+++ ufs//ext2fs/ext2fs_vnops.c  17 Feb 2016 09:13:59 -0000
@@ -322,7 +322,7 @@ ext2fs_setattr(void *v)
        if (vap->va_mode != (mode_t)VNOVAL) {
                if (vp->v_mount->mnt_flag & MNT_RDONLY)
                        return (EROFS);
-               error = ext2fs_chmod(vp, (int)vap->va_mode, cred, p);
+               error = ext2fs_chmod(vp, vap->va_mode, cred, p);
        }
        return (error);
 }
Index: ufs//ffs/ffs_vnops.c
===================================================================
RCS file: /cvs/src/sys/ufs/ffs/ffs_vnops.c,v
retrieving revision 1.82
diff -u -p -u -r1.82 ffs_vnops.c
--- ufs//ffs/ffs_vnops.c        16 Feb 2016 17:56:12 -0000      1.82
+++ ufs//ffs/ffs_vnops.c        17 Feb 2016 09:13:59 -0000
@@ -207,7 +207,7 @@ ffs_read(void *v)
                panic("ffs_read: mode");
 
        if (vp->v_type == VLNK) {
-               if ((int)DIP(ip, size) < vp->v_mount->mnt_maxsymlinklen ||
+               if (DIP(ip, size) < vp->v_mount->mnt_maxsymlinklen ||
                    (vp->v_mount->mnt_maxsymlinklen == 0 &&
                     DIP(ip, blocks) == 0))
                        panic("ffs_read: short symlink");

Reply via email to