From owner-freebsd-current@FreeBSD.ORG  Thu Jun 24 15:35:41 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B2F5C16A4CE
	for <current@freebsd.org>; Thu, 24 Jun 2004 15:35:41 +0000 (GMT)
Received: from web.portaone.com (mail.russia.cz [195.70.151.35])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 067AD43D1F
	for <current@freebsd.org>; Thu, 24 Jun 2004 15:35:41 +0000 (GMT)
	(envelope-from sobomax@portaone.com)
Received: from portaone.com (localhost [127.0.0.1])
	(authenticated bits=0)
	by web.portaone.com (8.12.8p2/8.12.8) with ESMTP id i5OFYkQO049820;
	Thu, 24 Jun 2004 17:34:50 +0200 (CEST)
	(envelope-from sobomax@portaone.com)
Message-ID: <40DAF48F.5020905@portaone.com>
Date: Thu, 24 Jun 2004 18:34:39 +0300
From: Maxim Sobolev <sobomax@portaone.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: en-us, en, ru, uk
MIME-Version: 1.0
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: current@freebsd.org
Subject: Bug in gbde(8) utility
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2004 15:35:41 -0000

Hi Poul,

I am currently experimenting with your great GBDE module and found that 
there apparently a bug in gbde(8) utility, particularly it can't handle 
number of keys less than G_BDE_MAXKEYS, though documentation says that 
it should. The problem is that around line 655 of gbde.c you are 
initialising locations of unused lock sectors with random values without 
performing any bounds checking, so that when later on around line 440 
you are trying to lseek() to that location operation can fail due to 
size of the disk being less than that random value. You can easily 
reproduce the problem by trying invoking gbde with number_of_keys = 1, 
random_bits() usually generates very huge numbers so that chances to hit 
disk limit are quite high.

Please fix.

Thanks!

-Maxim