diff options
author | Tobias Stoeckmann | 2016-07-10 16:14:08 +0200 |
---|---|---|
committer | Karel Zak | 2016-07-14 12:09:51 +0200 |
commit | e3684760501439abce5b480e1d0a432a626e21f4 (patch) | |
tree | 4f489ea7dcb3924cb0bc403c041f1d1d4a415aa0 | |
parent | fdisk: make -l <dev ...> behaves like fdisk -l (diff) | |
download | kernel-qcow2-util-linux-e3684760501439abce5b480e1d0a432a626e21f4.tar.gz kernel-qcow2-util-linux-e3684760501439abce5b480e1d0a432a626e21f4.tar.xz kernel-qcow2-util-linux-e3684760501439abce5b480e1d0a432a626e21f4.zip |
tailf: Fix segmentation fault in tailf on 32 bit
tailf crashes with a segmentation fault when used with a file that is
exactly 4GB in size due to an integer overflow between off_t and size_t:
$ dd if=/dev/zero of=tailf.crash bs=1 count=1 seek=4294967295
$ tailf tailf.crash
Segmentation fault
$ _
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
-rw-r--r-- | text-utils/tailf.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/text-utils/tailf.c b/text-utils/tailf.c index ea082c795..6219aa218 100644 --- a/text-utils/tailf.c +++ b/text-utils/tailf.c @@ -42,6 +42,7 @@ #include <errno.h> #include <getopt.h> #include <sys/mman.h> +#include <limits.h> #ifdef HAVE_INOTIFY_INIT #include <sys/inotify.h> @@ -55,7 +56,7 @@ #define DEFAULT_LINES 10 -/* st->st_size has to be greater than zero! */ +/* st->st_size has to be greater than zero and smaller or equal to SIZE_MAX! */ static void tailf(const char *filename, size_t lines, struct stat *st) { int fd; @@ -281,7 +282,9 @@ int main(int argc, char **argv) err(EXIT_FAILURE, _("stat of %s failed"), filename); if (!S_ISREG(st.st_mode)) errx(EXIT_FAILURE, _("%s: is not a file"), filename); - if (st.st_size) + + /* mmap is based on size_t */ + if (st.st_size && (size_t) st.st_size <= SIZE_MAX) tailf(filename, lines, &st); #ifdef HAVE_INOTIFY_INIT |