kern/77234: corrupted data is read from UDF filesystem if read starts at non-aligned offset

Andriy Gapon avg at icyb.net.ua
Mon Mar 28 08:00:08 PST 2005 

The following reply was made to PR kern/77234; it has been noted by GNATS.

From: Andriy Gapon <avg at icyb.net.ua>
To: freebsd-gnats-submit at FreeBSD.org
Cc:  
Subject: Re: kern/77234: corrupted data is read from UDF filesystem if read
 starts at non-aligned offset
Date: Mon, 28 Mar 2005 18:53:00 +0300

 This is a multi-part message in MIME format.
 --------------020302040802060308050405
 Content-Type: text/plain; charset=KOI8-U
 Content-Transfer-Encoding: 7bit
 
 
 updated patch
 
 -- 
 Andriy Gapon
 
 --------------020302040802060308050405
 Content-Type: text/plain;
  name="offset.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="offset.patch"
 
 --- sys/fs/udf/udf_vnops.c.orig	Thu Mar 17 15:08:39 2005
 +++ sys/fs/udf/udf_vnops.c	Thu Mar 17 15:13:41 2005
 @@ -1091,23 +1097,25 @@
  		*size = max_size;
  	*size = min(*size, MAXBSIZE);
  
 -	if ((error = udf_readlblks(udfmp, sector, *size, bp))) {
 +	if ((error = udf_readlblks(udfmp, sector, *size + (offset & udfmp->bmask), bp))) {
  		printf("warning: udf_readlblks returned error %d\n", error);
  		/* note: *bp may be non-NULL */
  		return (error);
  	}
  
  	bp1 = *bp;
 -	*data = (uint8_t *)&bp1->b_data[offset % udfmp->bsize];
 +	*data = (uint8_t *)&bp1->b_data[offset & udfmp->bmask];
  	return (0);
  }
  
  /*
   * Translate a file offset into a logical block and then into a physical
   * block.
 + * max_size - maximum number of bytes that can be read starting from given
 + * offset, rather than beginning of calculated sector number
   */
  static int
  udf_bmap_internal(struct udf_node *node, off_t offset, daddr_t *sector, uint32_t *max_size)
  {
  	struct udf_mnt *udfmp;
  	struct file_entry *fentry;
 @@ -1158,7 +1166,7 @@
  		lsector = (offset  >> udfmp->bshift) +
  		    ((struct short_ad *)(icb))->pos;
  
 -		*max_size = GETICBLEN(short_ad, icb);
 +		*max_size = icblen - offset;
  
  		break;
  	case 1:
 @@ -1183,7 +1191,7 @@
  		lsector = (offset >> udfmp->bshift) +
  		    le32toh(((struct long_ad *)(icb))->loc.lb_num);
  
 -		*max_size = GETICBLEN(long_ad, icb);
 +		*max_size = icblen - offset;
  
  		break;
  	case 3:
 
 --------------020302040802060308050405--

More information about the freebsd-bugs mailing list