Date: Thu, 7 Mar 1996 16:32:11 -0800 (PST)
From: "Brian N. Handy" <handy@sxt2.space.lockheed.com>
To: Bruce Evans <bde@zeta.org.au>
Cc: current@FreeBSD.ORG, mark@linus.demon.co.uk
Subject: Re: reproducible fatal trap 12
Message-ID: <Pine.ULT.3.91.960307162859.4332A-100000@sxt2.space.lockheed.com>
In-Reply-To: <199603071953.GAA05727@godzilla.zeta.org.au>
[...]
> This is easy to reproduce and seems to be a bug in cd9660_readdir(). An
> invalid directory entry is accessed one statement before the check that
> finds it to be invalid. My fix delays the access and some other access
> until the reclen and namlen checks are done. Apparently it is OK to
> access the parts of the directory entry containing the reclen and the
> namlen, although there is no such thing as a partial struct in C.
>
> Skipping the faulting instruction in ddb happens to work safely. For
> some reason the bug wasn't reproducible after that (even after switching
> to another cdrom and back).

I patched this into my system and it seems to work here. (I being the
originator of the "Page Fault" thread.) I'll exercise it for a while and
see if I have any problems.

Thanks!

Brian
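The ordering the quoted message describes (read reclen and namlen, validate both, and only then touch the rest of the entry), shown as an added user-space example; it is not the FreeBSD cd9660_readdir() code or the patch discussed in this thread. The function names, return codes and sample records are constructed for this example; the 33-byte fixed part and the name-length byte at offset 32 follow the ISO 9660 directory record layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ISO_FIXED  33   /* fixed-size part of an ISO 9660 directory record */
#define ISO_NAMLEN 32   /* offset of the name-length byte */
enum { REC_OK = 0, REC_END = 1, REC_BAD = -1 };

/* Check reclen and namlen first; touch the name only after both pass. */
int iso_next(const uint8_t *buf, size_t len, size_t off,
             char *name, size_t cap, size_t *next)
{
    if (off >= len) return REC_END;
    size_t left = len - off;
    uint8_t reclen = buf[off];               /* byte 0 is inside the buffer */
    if (reclen == 0) return REC_END;         /* zero padding: no more records */
    if (reclen < ISO_FIXED || reclen > left) return REC_BAD;
    uint8_t namlen = buf[off + ISO_NAMLEN];  /* safe: 33 <= reclen <= left */
    if (namlen == 0 || (size_t)ISO_FIXED + namlen > reclen || namlen >= cap)
        return REC_BAD;                      /* name would leave the record */
    memcpy(name, buf + off + ISO_FIXED, namlen);
    name[namlen] = '\0';
    *next = off + reclen;
    return REC_OK;
}

/* Constructed sample: write one record; forged != 0 overrides reclen. */
size_t put_record(uint8_t *buf, size_t off, const char *name, uint8_t forged)
{
    size_t n = strlen(name);
    memset(buf + off, 0, ISO_FIXED);
    buf[off] = forged ? forged : (uint8_t)(ISO_FIXED + n);
    buf[off + ISO_NAMLEN] = (uint8_t)n;
    memcpy(buf + off + ISO_FIXED, name, n);
    return off + ISO_FIXED + n;
}

/* Walk a constructed block; corrupt: 0 = clean, 1 = bad reclen, 2 = bad namlen.
 * Returns the number of records accepted, or -1 if one was rejected. */
int walk_sample(int corrupt)
{
    uint8_t blk[128] = {0};
    char name[32];
    size_t off = put_record(blk, 0, "README.TXT;1", 0);
    put_record(blk, off, "A.C;1", corrupt == 1 ? 200 : 0);
    if (corrupt == 2) blk[off + ISO_NAMLEN] = 60;
    int rc, count = 0;
    for (off = 0; (rc = iso_next(blk, sizeof blk, off, name, sizeof name, &off)) == REC_OK; )
        count++;
    return rc == REC_BAD ? -1 : count;
}
```

A zero reclen is treated here as the end of the buffer, a simplification for the single-block sample.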