From b9e7b3cf9c028c790c11ad9aa24bf02bab03c7cd Mon Sep 17 00:00:00 2001 From: krw Date: Sun, 10 Aug 2008 15:52:50 +0000 Subject: [PATCH] Fix other integer overflow vulnerability I introduced, this time in DL_BLKOFFSET(). Pointed out by kettenis@ and deraadt@. ok kettenis@ --- sys/sys/disklabel.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/sys/disklabel.h b/sys/sys/disklabel.h index a26415f7cdb..7ce4fee97c6 100644 --- a/sys/sys/disklabel.h +++ b/sys/sys/disklabel.h @@ -1,4 +1,4 @@ -/* $OpenBSD: disklabel.h,v 1.43 2008/08/09 19:20:07 kettenis Exp $ */ +/* $OpenBSD: disklabel.h,v 1.44 2008/08/10 15:52:50 krw Exp $ */ /* $NetBSD: disklabel.h,v 1.41 1996/05/10 23:07:37 mark Exp $ */ /* @@ -230,7 +230,7 @@ struct __partitionv0 { /* the partition table */ #define DL_BLKSPERSEC(d) ((d)->d_secsize / DEV_BSIZE) #define DL_SECTOBLK(d, n) ((n) * DL_BLKSPERSEC(d)) #define DL_BLKTOSEC(d, n) ((n) / DL_BLKSPERSEC(d)) -#define DL_BLKOFFSET(d, n) (((n) * DEV_BSIZE) % (d)->d_secsize) +#define DL_BLKOFFSET(d, n) (((n) % DL_BLKSPERSEC(d)) * DEV_BSIZE) /* d_type values: */ #define DTYPE_SMD 1 /* SMD, XSMD; VAX hp/up */ -- 2.20.1