Module Name: src
Committed By: drochner
Date: Thu Apr 2 17:25:24 UTC 2009
Modified Files:
src/sys/kern: kern_subr.c
Log Message:
In humanize_number(), avoid an integer overflow if the buffer
provided is "too large" (log10(2^64) = 19).
(It can still overflow if the input value is close to 2^64 but I don't
consider this a problem.)
fixes nonsense displayed as "total memory" on boot
To generate a diff of this commit:
cvs rdiff -u -r1.198 -r1.199 src/sys/kern/kern_subr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_subr.c
diff -u src/sys/kern/kern_subr.c:1.198 src/sys/kern/kern_subr.c:1.199
--- src/sys/kern/kern_subr.c:1.198 Sun Jan 11 02:45:52 2009
+++ src/sys/kern/kern_subr.c Thu Apr 2 17:25:24 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_subr.c,v 1.198 2009/01/11 02:45:52 christos Exp $ */
+/* $NetBSD: kern_subr.c,v 1.199 2009/04/02 17:25:24 drochner Exp $ */
/*-
* Copyright (c) 1997, 1998, 1999, 2002, 2007, 2008 The NetBSD Foundation, Inc.
@@ -79,7 +79,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.198 2009/01/11 02:45:52 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.199 2009/04/02 17:25:24 drochner Exp $");
#include "opt_ddb.h"
#include "opt_md.h"
@@ -1261,8 +1261,11 @@
prefixes = " kMGTPE"; /* SI for decimal multiplies */
umax = 1;
- for (i = 0; i < len - suffixlen - 3; i++)
+ for (i = 0; i < len - suffixlen - 3; i++) {
umax *= 10;
+ if (umax > bytes)
+ break;
+ }
for (i = 0; bytes >= umax && prefixes[i + 1]; i++)
bytes /= divisor;
