[issue1863] Implement 'hammer volume-list' subcommand
Stathis Kamperis (via DragonFly issue tracker)
sinknull at leaf.dragonflybsd.org
Thu Oct 7 11:03:55 PDT 2010
Stathis Kamperis <ekamperi at gmail.com> added the comment:
Short follow-up.
Matt commented on the code in IRC and said that there should a validation of
sizeof(struct hammer_ioc_volume). Otherwise the hammer vfs might overflow the
data buffer, the userland provides.
Although Matt was kind enough to explain it twice, I still don't get it. I'm
allocating room for the maximum volumes a file system can have and also I'm only
writing to the 'device_name' field of 'hammer_ioc_volume' structure, which
happens to have automatic storage.
So, what kind of buffer overrun I should be checking against? Can anyone please
provide some code snippet or an insight ?
Thanks!
Stathis
----------
status: unread -> chatting
_____________________________________________________
DragonFly issue tracker <bugs at lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue1863>
_____________________________________________________
More information about the Bugs
mailing list