[Bug 263811] ffs(4): Disk with garbage can cause crash in taste ffs crc32 code: panic: g_read_data(): invalid length -268744963

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 16 May 2022 17:13:47 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263811

--- Comment #3 from Robert Morris <rtm@lcs.mit.edu> ---
(In reply to Kirk McKusick from comment #2)
validate_sblock() ought to check that fs_sbsize is >= 0;
without that, it's still possible to force a crash in
the crc32 code.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.