Hi,

this fixes an overwrite of spcl.c_addr.  Taken from FreeBSD.

See https://marc.info/?l=openbsd-misc&m=160018252418088&w=2

        -Otto


Index: tape.c
===================================================================
RCS file: /cvs/src/sbin/dump/tape.c,v
retrieving revision 1.45
diff -u -p -r1.45 tape.c
--- tape.c      28 Jun 2019 13:32:43 -0000      1.45
+++ tape.c      26 Sep 2020 06:30:37 -0000
@@ -330,7 +330,10 @@ flushtape(void)
        }
 
        blks = 0;
-       if (spcl.c_type != TS_END) {
+       if (spcl.c_type != TS_END && spcl.c_type != TS_CLRI &&
+           spcl.c_type != TS_BITS) {
+               if (spcl.c_count > TP_NINDIR)
+                       quit("c_count too large\n");
                for (i = 0; i < spcl.c_count; i++)
                        if (spcl.c_addr[i] != 0)
                                blks++;
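Review bot: The new exclusion of TS_CLRI and TS_BITS in the `if` condition carries no comment saying why those record types must skip the c_addr scan; presumably c_count in those headers counts map blocks rather than c_addr entries, so a line such as `/* c_count is not a c_addr length for TS_CLRI/TS_BITS records */` above the condition would keep a later cleanup from dropping it. The `spcl.c_count > TP_NINDIR` guard only bounds the read loop visible here; if any code fills c_addr using the same c_count, that store has already happened by the time flushtape() runs, so the same bound also belongs where c_count is set, which is not visible in this hunk. The abort message would be easier to act on with the offending values in it, e.g. `quit("c_count %d too large for record type %d\n", spcl.c_count, spcl.c_type);`, assuming quit() takes a printf-style format. flushtape() begins and ends outside the hunk.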
