FreeBSD Security Advisory FreeBSD-SA-05:02.sendfile
Uwe Doering
gemini at geminix.org
Tue Apr 5 01:14:20 PDT 2005
FreeBSD Security Advisories wrote:
> [...]
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> [FreeBSD 4.x]
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:02/sendfile_4.patch
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:02/sendfile_4.patch.asc
> [...]
The patch file (and CVS, too) contains this:
--------------------- cut here ----------------------
--- sys/ufs/ffs/ffs_inode.c 5 Feb 2002 18:35:03 -0000 1.56.2.5
+++ sys/ufs/ffs/ffs_inode.c 11 Mar 2005 14:29:19 -0000
@@ -197,6 +197,7 @@
#endif
softdep_setup_freeblocks(oip, length);
vinvalbuf(ovp, 0, cred, p, 0, 0);
+ vnode_pager_setsize(vp, 0);
oip->i_flag |= IN_CHANGE | IN_UPDATE;
return (ffs_update(ovp, 0));
}
--------------------- cut here ----------------------
I wonder, isn't the variable 'vp' actually supposed to be 'ovp' in the
added line? Technically they are identical. 'ovp' is assigned from
'vp' once in the variable definition section at the start of the function.
However, using 'vp' when calling vnode_pager_setsize() looks a little
odd given that anywhere else in this function, including another call to
vnode_pager_setsize(), the variable 'ovp' is used instead of 'vp'.
I can't tell why 'ovp' was introduced in the first place. Might have
historical reasons. But that's how the code currently works. In the
MAIN branch as well, according to CVS. So I'd suggest to replace 'vp'
with 'ovp' in the patch above, for the sake of clarity and consistency.
Uwe
--
Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers
gemini at geminix.org | http://www.escapebox.net
More information about the freebsd-security
mailing list