[BusyBox 0001078]: reads function of read.c in revision 16473 introduced a inconspicuous BUG (with patch)

bugs at busybox.net bugs at busybox.net
Tue Oct 31 02:32:16 UTC 2006 

The following issue has been SUBMITTED. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1078 
====================================================================== 
Reported By:                rockeychu
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1078
Category:                   Kernel Module Support
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             10-30-2006 18:32 PST
Last Modified:              10-30-2006 18:32 PST
====================================================================== 
Summary:                    reads function of read.c in revision 16473
introduced a inconspicuous BUG (with patch)
Description: 
This bug caused and only caused modprobe can't do anything.

TEST  OS: Linux 2.6.18
TEST CMD: busybox modprobe pcnet32 

Analysed with ltrace (before patched):
  ...
  lseek64(3, -2015, 0, 1, 0xbffff1f4)              = 32
  ...

with strace (before patched):
  ...
  _llseek(3, 4294965281, [4294967328], SEEK_CUR) = 0
  ...


with ltrace (after patched):
  ...
  lseek64(3, -2015, -1, 1, 0xbffff248)             = 32
  ...

with strace (after patched):
  ...
  _llseek(3, -2015, [32], SEEK_CUR)       = 0
  ...



The patch is:
Index: libbb/read.c
===================================================================
--- libbb/read.c        (revision 16473)
+++ libbb/read.c        (working copy)
@@ -86,7 +86,7 @@
        if (p) {
                off_t offset;
                *p++ = '\0';
-               offset = (p-buffer) - size;
+               offset = (off_t)(p-buffer) - size;
                // set fd position the right after the \n
                if (offset && lseek(fd, offset, SEEK_CUR) == (off_t)-1)
                        return NULL;

====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
10-30-06 18:32  rockeychu      New Issue                                    
10-30-06 18:32  rockeychu      Status                   new => assigned     
10-30-06 18:32  rockeychu      Assigned To               => BusyBox         
======================================================================

More information about the busybox-cvs mailing list