0001078: reads function of read.c in revision 16473 introduced a inconspicuous BUG (with patch)

BusyBox Bug and Patch Tracking

Viewing Issue Simple Details [ Jump to Notes ]

[ View Advanced ] [ Issue History ] [ Print ]

Category

Severity

Reproducibility

Date Submitted

Last Update

0001078

[BusyBox] Kernel Module Support

crash

always

10-30-06 18:32

10-31-06 14:46

Reporter

rockeychu

View Status

public

Assigned To

BusyBox

Priority

normal

Resolution

fixed

Status

closed

Product Version

svn

Summary

0001078: reads function of read.c in revision 16473 introduced a inconspicuous BUG (with patch)

Description

This bug caused and only caused modprobe can't do anything.

TEST OS: Linux 2.6.18
TEST CMD: busybox modprobe pcnet32

Analysed with ltrace (before patched):
  ...
  lseek64(3, -2015, 0, 1, 0xbffff1f4) = 32
  ...

with strace (before patched):
  ...
  _llseek(3, 4294965281, [4294967328], SEEK_CUR) = 0
  ...

with ltrace (after patched):
  ...
  lseek64(3, -2015, -1, 1, 0xbffff248) = 32
  ...

with strace (after patched):
  ...
  _llseek(3, -2015, [32], SEEK_CUR) = 0
  ...

The patch is:
Index: libbb/read.c
===================================================================
--- libbb/read.c (revision 16473)
+++ libbb/read.c (working copy)
@@ -86,7 +86,7 @@
        if (p) {
                off_t offset;
                *p++ = '\0';
- offset = (p-buffer) - size;
+ offset = (off_t)(p-buffer) - size;
                // set fd position the right after the \n
                if (offset && lseek(fd, offset, SEEK_CUR) == (off_t)-1)
                        return NULL;

Additional Information

Attached Files

Relationships

Notes
(0001726) vda 10-31-06 14:46	Fixed in rev 16480.

Issue History
Date Modified	Username	Field	Change
10-30-06 18:32	rockeychu	New Issue
10-30-06 18:32	rockeychu	Status	new => assigned
10-30-06 18:32	rockeychu	Assigned To	=> BusyBox
10-31-06 14:46	vda	Status	assigned => closed
10-31-06 14:46	vda	Note Added: 0001726
10-31-06 14:46	vda	Resolution	open => fixed