Jim Meyering <[EMAIL PROTECTED]> wrote:
> Jim Meyering <[EMAIL PROTECTED]> wrote:
>> Here's a patch for the second memory overrun bug:
>>
>> linux.c: Avoid memory overrun. Handle 2048-byte logical sectors.
>> * libparted/arch/linux.c (linux_read): Allocate the right amount of
>> space for the (potentially 2048-byte-long) sectors we're about to read.
>
> Hmm..., I see that linux_write has the same problem:
>
>     size_t write_length = count * dev->sector_size;
>     ...
>     if (posix_memalign(&diobuf, PED_SECTOR_SIZE_DEFAULT,
>                        count * PED_SECTOR_SIZE_DEFAULT) != 0)
>     ...
>     status = write (arch_specific->fd, diobuf, write_length);
>
> another patch coming up...

Actually, in linux_write it's more complicated.
For discussion, let N be count * PED_SECTOR_SIZE_DEFAULT.
First it allocates an N-byte buffer, B, with posix_memalign.
Then it copies N bytes into B with memcpy.
But then it writes write_length (4*N) bytes from B to the destination
device, thus reading 3*N bytes past the end of B and writing all
of that to the device.

Does anyone know how to exercise linux_write with 2048-byte
logical sectors?
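
The sizing mismatch described in this message, as an added C example (not parted's code and not the patch under discussion): `overread_bytes` computes how far the unfixed layout reads past the bounce buffer, and the hypothetical `write_sectors` derives one length from the device sector size and uses it for allocation, copy and write. `DEFAULT_SECTOR`, both function names and the pipe-based round-trip check are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define DEFAULT_SECTOR 512u  /* assumed stand-in for PED_SECTOR_SIZE_DEFAULT */

/* Bytes the unfixed layout reads past the bounce buffer: write length minus
   allocation size. Assumes sector_size >= DEFAULT_SECTOR. */
size_t overread_bytes(size_t count, size_t sector_size)
{
    return count * sector_size - count * DEFAULT_SECTOR;
}

/* Hypothetical hardened write: a single length, derived from the device's
   sector size, sizes the allocation, the copy and the write. */
ssize_t write_sectors(int fd, const void *src, size_t count, size_t sector_size)
{
    void *diobuf = NULL;
    ssize_t status;
    if (sector_size == 0 || count > SIZE_MAX / sector_size)
        return -1;                   /* count * sector_size would overflow */
    size_t write_length = count * sector_size;
    /* Alignment can stay at the default; only the size must track the device. */
    if (posix_memalign(&diobuf, DEFAULT_SECTOR, write_length) != 0)
        return -1;
    memcpy(diobuf, src, write_length);
    status = write(fd, diobuf, write_length);
    free(diobuf);
    return status;
}

/* Constructed check: push 3 sectors of 2048 bytes through a pipe, compare. */
int roundtrip_ok(void)
{
    enum { COUNT = 3, SECTOR = 2048, LEN = COUNT * SECTOR };
    static unsigned char in[LEN], out[LEN];
    int p[2];
    if (pipe(p) != 0) return 0;
    for (size_t i = 0; i < LEN; i++) in[i] = (unsigned char)(i * 31 + 7);
    int ok = write_sectors(p[1], in, COUNT, SECTOR) == LEN
          && read(p[0], out, LEN) == LEN
          && memcmp(in, out, LEN) == 0;
    close(p[0]); close(p[1]);
    return ok;
}
```

With 512-byte sectors the two sizes coincide and `overread_bytes` returns 0, which is why the mismatch only shows up on devices with larger logical sectors.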

