Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/kern kern/vfs_lockf.c: Fix overflow in overflow detection.
details: https://anonhg.NetBSD.org/src/rev/beab6ba92def
branches: trunk
changeset: 368774:beab6ba92def
user: riastradh <riastradh%NetBSD.org@localhost>
date: Wed Aug 03 11:09:13 2022 +0000
description:
kern/vfs_lockf.c: Fix overflow in overflow detection.
Reported-by: syzbot+cda9440741a1516747c8%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=030eb71324790093d467799263cd0789e5097229
diffstat:
sys/kern/vfs_lockf.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diffs (28 lines):
diff -r de91bd4987a8 -r beab6ba92def sys/kern/vfs_lockf.c
--- a/sys/kern/vfs_lockf.c Wed Aug 03 09:40:25 2022 +0000
+++ b/sys/kern/vfs_lockf.c Wed Aug 03 11:09:13 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_lockf.c,v 1.76 2022/07/01 01:04:01 riastradh Exp $ */
+/* $NetBSD: vfs_lockf.c,v 1.77 2022/08/03 11:09:13 riastradh Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_lockf.c,v 1.76 2022/07/01 01:04:01 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_lockf.c,v 1.77 2022/08/03 11:09:13 riastradh Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -844,7 +844,8 @@
end = -1;
else {
if (fl->l_len >= 0) {
- if (fl->l_len - 1 > __type_max(off_t) - start)
+ if (start >= 0 &&
+ fl->l_len - 1 > __type_max(off_t) - start)
return EINVAL;
end = start + fl->l_len - 1;
} else {
Home |
Main Index |
Thread Index |
Old Index