Re: CVS commit: src/sbin/disklabel

To: christos%netbsd.org@localhost
Subject: Re: CVS commit: src/sbin/disklabel
From: tsugutomo.enami%jp.sony.com@localhost
Date: Tue, 14 May 2013 12:44:55 +0900

> Modified Files:
>         src/sbin/disklabel: main.c
> 
> Log Message:
> CVE 1020933: Prevent integer overflow by using wider type
> 
> To generate a diff of this commit:
> cvs rdiff -u -r1.33 -r1.34 src/sbin/disklabel/main.c

Since the variable `offset' in find_label() is used to express an offset
within the array bootarea[], we don't need to change its type to off_t,
do we?

I guess it is enough to warn when the value of LABEL_OFFSET doesn't fit
the bootarea[] (since the value can be altered by setting environment
variable LABELSECOTR and/or LABELOFFSET).

enami.

Follow-Ups:
- Re: CVS commit: src/sbin/disklabel
  - From: Christos Zoulas

Prev by Date: Re: CVS commit: src/sys/arch/powerpc/oea
Next by Date: Re: CVS commit: src/sbin/disklabel
Previous by Thread: Re: CVS commit: src/sys/arch/powerpc/oea
Next by Thread: Re: CVS commit: src/sbin/disklabel
Indexes:

Home | Main Index | Thread Index | Old Index