>Submitter-Id: current-users
>Originator: Ariff Abdullah
>Organization: MyBSD
>Confidential: no
>Synopsis: truncate operation on fat32 may corrupt the file system
>Severity: critical
>Priority: high
>Category: kern
>Class: sw-bug
>Release: FreeBSD 4.7-RELEASE i386
>Environment:
System: 4.7-RELEASE, 5.1-RELEASE (GENERIC)
>Description:
Truncate operation involving truncate() or ftruncate() on
FAT32 mounted as msdos either failed or silently corrupting
the file or even worse, corrupting the neighbour file reiside
in the same partition/file system.
>How-To-Repeat:
# cd /to/fat32/partition/
# dd if=/dev/zero of=XX bs=4099 count=1
# truncate -s 4097 XX
truncate: XX: Argument list too long
errno E2BIG
>Fix:
--- /usr/src/sys/msdosfs/msdosfs_denode.c.orig Tue Jun 24 06:01:09 2003
+++ /usr/src/sys/msdosfs/msdosfs_denode.c Tue Jun 24 05:53:41 2003
@@ -501,26 +501,19 @@
bn = cntobn(pmp, eofentry);
error = bread(pmp->pm_devvp, bn, pmp->pm_bpcluster,
NOCRED, &bp);
- } else {
- bn = de_blk(pmp, length);
- error = bread(DETOV(dep), bn, pmp->pm_bpcluster,
- NOCRED, &bp);
- }
- if (error) {
- brelse(bp);
+ if (error) {
+ brelse(bp);
#ifdef MSDOSFS_DEBUG
- printf("detrunc(): bread fails %d\n", error);
+ printf("detrunc(): bread fails %d\n", error);
#endif
- return (error);
+ return (error);
+ }
+ bzero(bp->b_data + boff, pmp->pm_bpcluster - boff);
+ if (flags & IO_SYNC)
+ bwrite(bp);
+ else
+ bdwrite(bp);
}
- /*
- * is this the right place for it?
- */
- bzero(bp->b_data + boff, pmp->pm_bpcluster - boff);
- if (flags & IO_SYNC)
- bwrite(bp);
- else
- bdwrite(bp);
}
/*
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
