On 2017/02/26 21:09, Rin Okuyama wrote:
I've written DKWEDGE_METHOD_RDB option. You can find the main patch as well as that for kernel configuration files (enabled for x86 by default, commented out for other platforms) here:

http://www.netbsd.org/~rin/dkwedge_rdb_20170226/

Looks fine, but if you replace u_long types in the on-disk structure, it should be with explicitly sized types and not with 'unsigned'.

Thank you very much for your kind review! I modified 'unsigned' into 'uint32_t', and committed it.

While writing this patch, I've found a skew in the original code. It obtains a buffer of size lp->d_secsize:

amiga/disksubr.c:

    167         /* obtain buffer to probe drive with */
    168         bp = geteblk((int)lp->d_secsize);

After that, lp->d_secsize is overwritten by rbp->nbytes:

    242         lp->d_secsize = rbp->nbytes;

Then, lp->d_secsize is reused for bp->b_bcount:

    304         bp->b_bcount = lp->d_secsize;
    305         bp->b_oflags &= ~(BO_DONE);
    306         bp->b_flags |= B_READ;
    307 #ifdef SD_C_ADJUSTS_NR
    308         bp->b_blkno *= (lp->d_secsize / DEV_BSIZE);
    309 #endif
    310         strat(bp);

If rbp->nbytes is smaller than or equal to the original lp->d_secsize, there is no problem. However, if it is not, this causes a buffer overflow. Shouldn't we take care of it? Am I too paranoid?

Thanks,
rin
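
The size mismatch described in the message above, shown as a user-space model with the missing check in place. This is an added example, not part of the original message and not code from amiga/disksubr.c. `struct probe_buf`, `probe_init`, `probe_set_secsize` and `MAX_SECSIZE` are hypothetical names, and the size limits are assumptions made for illustration.

```c
/* Added example: user-space model, not code from amiga/disksubr.c. */
#include <stdint.h>
#include <stdlib.h>
#include <errno.h>

#define DEV_BSIZE   512u      /* base block size, as in the excerpt */
#define MAX_SECSIZE 65536u    /* assumed upper bound for this example */

/* Hypothetical stand-in for the struct buf used while probing. */
struct probe_buf {
    unsigned char *data;   /* backing storage */
    size_t         cap;    /* bytes actually allocated */
    size_t         bcount; /* bytes the next read will transfer */
};

/* Allocate the probe buffer for the initial sector size. */
int probe_init(struct probe_buf *pb, uint32_t secsize)
{
    pb->data = malloc(secsize);
    if (pb->data == NULL)
        return ENOMEM;
    pb->cap = pb->bcount = secsize;
    return 0;
}

/*
 * Apply a sector size read from disk (rbp->nbytes in the excerpt).
 * The value is untrusted: reject malformed sizes, and grow the buffer
 * before the transfer count is allowed to exceed its capacity.
 */
int probe_set_secsize(struct probe_buf *pb, uint32_t nbytes)
{
    if (nbytes < DEV_BSIZE || nbytes > MAX_SECSIZE || nbytes % DEV_BSIZE != 0)
        return EINVAL;
    if (nbytes > pb->cap) {
        unsigned char *p = realloc(pb->data, nbytes);
        if (p == NULL)
            return ENOMEM;   /* old buffer and bcount stay valid */
        pb->data = p;
        pb->cap = nbytes;
    }
    pb->bcount = nbytes;     /* invariant: bcount <= cap */
    return 0;
}
```

In the kernel the equivalent of the `realloc` step would be releasing the probe buffer and obtaining a larger one; the point of the model is only that the transfer count never exceeds the allocation.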