Subject: bin/1768: dumpfs fails with disk partitions > 2GB
To: None <gnats-bugs@gnats.netbsd.org>
From: Tor Egge <tegge@idt.unit.no>
List: netbsd-bugs
Date: 11/16/1995 13:21:57
>Number:         1768
>Category:       bin
>Synopsis:       dumpfs fails with disk partitions > 2GB
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 16 07:50:02 1995
>Last-Modified:
>Originator:     Tor Egge
>Organization:
Norwegian Institute of Technology and Science
>Release:        NetBSD-current, November 17th 1995
>Environment:
System: NetBSD ikke.idt.unit.no 1.1_ALPHA NetBSD 1.1_ALPHA (TEGGE) #3: Mon Nov 13 12:37:46 MET 1995 root@:/usr/src/sys/arch/i386/compile/TEGGE i386


>Description:

	dumpfs on a partition >2GB causes dumpfs to fail.  It passes a negative
	offset as an argument to lseek due to lack of precision in the offset
	calculation causing overflow. On some configurations the scsi driver
	starts printing error messages, and the process hangs in an infinite
	disk wait on a local disk.  To remove the process, the system has to be
	rebooted.
>How-To-Repeat:
	Try dumpfs on a >2GB partition.
>Fix:
	Do a cast to off_t before multiplying block number with block size.

*** /usr/src/sbin/dumpfs/dumpfs.c.orig	Wed Oct 11 13:11:51 1995
--- usr/src/sbin/dumpfs/dumpfs.c	Sun Nov 12 17:20:22 1995
***************
*** 197,204 ****
  		    afs.fs_cssize - i : afs.fs_bsize;
  		afs.fs_csp[j] = calloc(1, size);
  		if (lseek(fd,
! 		    (off_t)(fsbtodb(&afs, (afs.fs_csaddr + j * afs.fs_frag)) *
! 		    dev_bsize), SEEK_SET) == (off_t)-1)
  			goto err;
  		if (read(fd, afs.fs_csp[j], size) != size)
  			goto err;
--- 197,204 ----
  		    afs.fs_cssize - i : afs.fs_bsize;
  		afs.fs_csp[j] = calloc(1, size);
  		if (lseek(fd,
! 		    (off_t)((off_t)fsbtodb(&afs, (afs.fs_csaddr + j * afs.fs_frag)) *
! 		    (off_t)dev_bsize), SEEK_SET) == (off_t)-1)
  			goto err;
  		if (read(fd, afs.fs_csp[j], size) != size)
  			goto err;
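Review bot: in the replacement lseek() argument the new (off_t) cast is applied to the value that fsbtodb() yields, not to the block number passed into it, so any arithmetic fsbtodb() does internally is still evaluated in the type of `afs.fs_csaddr + j * afs.fs_frag`, and only the final multiplication by dev_bsize is widened. If the whole conversion is meant to be done in off_t, widen the argument too, for example `fsbtodb(&afs, (off_t)(afs.fs_csaddr + j * afs.fs_frag))` (this assumes fsbtodb() is a macro whose result type follows its argument). The outermost `(off_t)(...)` wrapper is redundant once both operands are off_t and can be dropped.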
***************
*** 239,245 ****
  	int i, j;
  
  	printf("\ncg %d:\n", c);
! 	if ((cur = lseek(fd, (off_t)(fsbtodb(&afs, cgtod(&afs, c)) * dev_bsize),
  	    SEEK_SET)) == (off_t)-1)
  		return (1);
  	if (read(fd, &acg, afs.fs_bsize) != afs.fs_bsize) {
--- 239,245 ----
  	int i, j;
  
  	printf("\ncg %d:\n", c);
! 	if ((cur = lseek(fd, (off_t)((off_t)fsbtodb(&afs, cgtod(&afs, c)) * (off_t)dev_bsize),
  	    SEEK_SET)) == (off_t)-1)
  		return (1);
  	if (read(fd, &acg, afs.fs_bsize) != afs.fs_bsize) {
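Review bot: the changed lseek() line in this hunk repeats the double-cast offset expression from the first hunk and now runs well past 80 columns. Wrap it after the `*` as the first hunk does, or factor the block-to-byte conversion into one small helper used at both call sites so the two copies cannot drift apart. The outer `(off_t)(...)` is redundant here as well.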

>Audit-Trail:
>Unformatted:
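
The overflow described under >Description: and the widening applied under >Fix:, as an added example that is not part of the original report or of dumpfs. It models the 32-bit product with fixed-width types and uses int64_t as a stand-in for a 64-bit off_t; `offset_narrow`, `offset_wide` and `blk_to_off` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Pre-fix arithmetic: the product is formed in 32 bits and only then
 * widened. The multiply is done unsigned so the wrap is well defined;
 * the conversion back to int32_t wraps on common compilers. */
static int64_t offset_narrow(int32_t dblk, int32_t dev_bsize)
{
	uint32_t wrapped = (uint32_t)dblk * (uint32_t)dev_bsize;
	return (int64_t)(int32_t)wrapped;
}

/* Post-fix arithmetic: widen the operands first, then multiply. */
static int64_t offset_wide(int32_t dblk, int32_t dev_bsize)
{
	return (int64_t)dblk * (int64_t)dev_bsize;
}

/* Defensive variant: reject negative inputs and products that would not
 * fit in a 64-bit offset, so a bad value never reaches lseek().
 * Returns 0 on success, -1 on error. */
static int blk_to_off(int64_t dblk, int64_t dev_bsize, int64_t *out)
{
	if (dblk < 0 || dev_bsize <= 0)
		return -1;
	if (dblk > INT64_MAX / dev_bsize)
		return -1;
	*out = dblk * dev_bsize;
	return 0;
}

int main(void)
{
	/* Constructed sample: a 512-byte sector just past the 2GB mark. */
	int32_t dblk = 4194320, bsize = 512;
	int64_t off;

	printf("narrow: %lld\n", (long long)offset_narrow(dblk, bsize));
	printf("wide:   %lld\n", (long long)offset_wide(dblk, bsize));
	if (blk_to_off(dblk, bsize, &off) == 0)
		printf("checked: %lld\n", (long long)off);
	return 0;
}
```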