ref: acc239ef26417ca35badf37b58242eeb0e0663fa
parent: 235f71ba4767d4ab9a3e7706a3f77a7803e82cda
author: cinap_lenrek <[email protected]>
date: Tue Jul 31 21:22:01 EDT 2012
kfs: fix read offset integer overflow
--- a/sys/src/cmd/disk/kfs/9p1.c
+++ b/sys/src/cmd/disk/kfs/9p1.c
@@ -807,7 +807,9 @@
addr = 0;
goto dread;
}
- if(offset+count > d->size)
+ if(offset >= d->size)
+ count = 0;
+ else if(offset+count > d->size)
count = d->size - offset;
while(count > 0) {addr = offset / BUFSIZE;
--- a/sys/src/cmd/disk/kfs/9p2.c
+++ b/sys/src/cmd/disk/kfs/9p2.c
@@ -1071,7 +1071,9 @@
accessdir(p, d, FREAD);
if(d->mode & DDIR)
goto dread;
- if(offset+count > d->size)
+ if(offset >= d->size)
+ count = 0;
+ else if(offset+count > d->size)
count = d->size - offset;
while(count > 0){ if(p == nil){