[issue1863] Implement 'hammer volume-list' subcommand

Stathis Kamperis (via DragonFly issue tracker) sinknull at leaf.dragonflybsd.org
Thu Oct 7 11:03:55 PDT 2010


Stathis Kamperis <ekamperi at gmail.com> added the comment:

Short follow-up.

Matt commented on the code in IRC and said that there should a validation of
sizeof(struct hammer_ioc_volume). Otherwise the hammer vfs might overflow the
data buffer, the userland provides.

Although Matt was kind enough to explain it twice, I still don't get it. I'm
allocating room for the maximum volumes a file system can have and also I'm only
writing to the 'device_name' field of 'hammer_ioc_volume' structure, which
happens to have automatic storage.

So, what kind of buffer overrun I should be checking against? Can anyone please
provide some code  snippet or an insight ?

Thanks!
Stathis

----------
status: unread -> chatting

_____________________________________________________
DragonFly issue tracker <bugs at lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue1863>
_____________________________________________________






More information about the Bugs mailing list