Module Name: src
Committed By: reinoud
Date: Wed Mar 25 20:04:52 UTC 2009
Modified Files:
src/sys/fs/udf: udf_allocation.c
Log Message:
Fix possible overshoot when allocating from a space bitmap when ffs(3) returns
a too big offset for the bitmap.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 src/sys/fs/udf/udf_allocation.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/fs/udf/udf_allocation.c
diff -u src/sys/fs/udf/udf_allocation.c:1.19 src/sys/fs/udf/udf_allocation.c:1.20
--- src/sys/fs/udf/udf_allocation.c:1.19 Tue Dec 16 16:18:25 2008
+++ src/sys/fs/udf/udf_allocation.c Wed Mar 25 20:04:52 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: udf_allocation.c,v 1.19 2008/12/16 16:18:25 pooka Exp $ */
+/* $NetBSD: udf_allocation.c,v 1.20 2009/03/25 20:04:52 reinoud Exp $ */
/*
* Copyright (c) 2006, 2008 Reinoud Zandijk
@@ -28,11 +28,12 @@
#include <sys/cdefs.h>
#ifndef lint
-__KERNEL_RCSID(0, "$NetBSD: udf_allocation.c,v 1.19 2008/12/16 16:18:25 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udf_allocation.c,v 1.20 2009/03/25 20:04:52 reinoud Exp $");
#endif /* not lint */
#if defined(_KERNEL_OPT)
+#include "opt_quota.h"
#include "opt_compat_netbsd.h"
#endif
@@ -826,6 +827,13 @@
offset += 8;
continue;
}
+
+ /* check for ffs overshoot */
+ if (offset + bit-1 >= bitmap->max_offset) {
+ offset = bitmap->max_offset;
+ break;
+ }
+
DPRINTF(PARANOIA, ("XXX : allocate %d, %p, bit %d\n",
offset + bit -1, bpos, bit-1));
*bpos &= ~(1 << (bit-1));
