[parted-devel] fix another memory overrun bug (this time in linux_write)
Otavio Salvador
otavio at debian.org
Fri Mar 16 01:00:45 CET 2007
Jim Meyering <jim at meyering.net> writes:
> Here's an untested fix for libparted/arch/linux.c's linux_write.
> The problem arises when writing with a logical sector size larger
> than 512 (PED_SECTOR_SIZE_DEFAULT). It would allocate space
> for count * PED_SECTOR_SIZE_DEFAULT bytes, and copy that many
> bytes into the just-allocated buffer, but writing
> "count * dev->sector_size" bytes from the same buffer would
> use 1.5KB of uninitialized memory when sector_size is 2048.
>
> Another problem: if there were ever to be a partial write,
> the while(1) loop termination test would never become true.
>
> Finally, to be a little cleaner, use ssize_t as the type
> of the variable getting the write return val.
>
> From: Jim Meyering <jim at meyering.net>
Ack. David, please check if you can apply it on 1.8.3 too since it's
clearly a bugfix :-)
--
O T A V I O S A L V A D O R
---------------------------------------------
E-mail: otavio at debian.org UIN: 5906116
GNU/Linux User: 239058 GPG ID: 49A5F855
Home Page: http://otavio.ossystems.com.br
---------------------------------------------
"Microsoft sells you Windows ... Linux gives
you the whole house."
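The three points in the quoted message (sizing by the real sector size, finishing after a partial write, and using ssize_t for the return value of write) shown as an added C example; it is not part of the original e-mail and is not parted's code. The names write_sectors, write_fn, short_write and demo_2048 are hypothetical, and the 700-byte short writer and sample data are constructed for the demonstration.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical writer hook so a short write can be simulated; real code passes write(2). */
typedef ssize_t (*write_fn)(int fd, const void *buf, size_t len);

/* Write count sectors of sector_size bytes. buf must hold count * sector_size
 * bytes, not count * 512. Returns 0 on success, -1 on error. */
static int write_sectors(int fd, const void *buf, size_t count,
                         size_t sector_size, write_fn do_write)
{
    const unsigned char *p = buf;
    size_t left = count * sector_size;      /* sized by the device's sector size */
    while (left > 0) {
        ssize_t n = do_write(fd, p, left);  /* signed: the writer may return -1 */
        if (n < 0 && errno == EINTR)
            continue;                       /* interrupted before any byte: retry */
        if (n <= 0)
            return -1;                      /* error or no progress: do not spin */
        p += n;                             /* skip what was already written ... */
        left -= (size_t)n;                  /* ... so a partial write terminates */
    }
    return 0;
}

/* Constructed test writer: accepts at most 700 bytes per call into a memory sink. */
static unsigned char sink[8192];
static size_t sink_len;
static ssize_t short_write(int fd, const void *buf, size_t len)
{
    (void)fd;
    if (len > 700) len = 700;
    if (sink_len + len > sizeof sink) { errno = ENOSPC; return -1; }
    memcpy(sink + sink_len, buf, len);
    sink_len += len;
    return (ssize_t)len;
}

/* Constructed sample: 3 sectors of 2048 bytes; returns the bytes that arrived intact. */
static size_t demo_2048(void)
{
    unsigned char src[3 * 2048];
    for (size_t i = 0; i < sizeof src; i++) src[i] = (unsigned char)(i * 7);
    sink_len = 0;
    if (write_sectors(-1, src, 3, 2048, short_write) != 0) return 0;
    return memcmp(sink, src, sizeof src) == 0 ? sink_len : 0;
}
int main(void) { return demo_2048() == (size_t)3 * 2048 ? 0 : 1; }
```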