200859 – [bhyve] vbsc_ident buffer accessed out of bounds

Bug 200859 - [bhyve] vbsc_ident buffer accessed out of bounds

Summary: [bhyve] vbsc_ident buffer accessed out of bounds

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	misc (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Marcelo Araujo

URL:
Keywords:

Duplicates (1):	201288 (view as bug list)
Depends on:
Blocks:

Reported:	2015-06-14 20:46 UTC by caglar
Modified:	2019-05-10 16:36 UTC (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description caglar 2015-06-14 20:46:46 UTC

In src/pci_virtio_block.c, sc->vbsc_ident buffer accessed out of bounds.  https://github.com/mist64/xhyve/pull/24 increases the buffer size by one and also switches to snprintf.

Comment 1 Peter Grehan freebsd_committer

2015-08-24 20:07:31 UTC

*** Bug 201288 has been marked as a duplicate of this bug. ***

Comment 2 Mark Linimon freebsd_committer

2015-10-20 23:50:07 UTC

Canonicalize assignment.

Comment 3 commit-hook freebsd_committer

2018-11-20 22:21:44 UTC

A commit references this bug:

Author: araujo
Date: Tue Nov 20 22:21:19 UTC 2018
New revision: 340707
URL: https://svnweb.freebsd.org/changeset/base/340707

Log:
  Define AHCI_PORT_IDENT and increase by 1 the VTBLK_BLK_ID_BYTES
  to avoid buffer accessed out of bounds, also switch to snprintf(3).

  PR:		200859
  Submitted by:	Caglar <caglar@10ur.org>
  Obtained from:	https://github.com/mist64/xhyve/pull/24
  MFC after:	4 weeks
  Sponsored by:	iXsystems Inc.

Changes:
  head/usr.sbin/bhyve/pci_ahci.c
  head/usr.sbin/bhyve/pci_virtio_block.c

Comment 4 Marcelo Araujo freebsd_committer

2018-11-20 22:24:12 UTC

Committed! Thanks and sorry the delay.

Comment 5 commit-hook freebsd_committer

2018-12-18 03:00:23 UTC

A commit references this bug:

Author: araujo
Date: Tue Dec 18 03:00:12 UTC 2018
New revision: 342184
URL: https://svnweb.freebsd.org/changeset/base/342184

Log:
  MFC r340707:

  Define AHCI_PORT_IDENT and increase by 1 the VTBLK_BLK_ID_BYTES
  to avoid buffer accessed out of bounds, also switch to snprintf(3).

  PR:		200859
  Submitted by:	Caglar <caglar@10ur.org>
  Obtained from:	https://github.com/mist64/xhyve/pull/24

Changes:
_U  stable/12/
  stable/12/usr.sbin/bhyve/pci_ahci.c
  stable/12/usr.sbin/bhyve/pci_virtio_block.c

Comment 6 commit-hook freebsd_committer

2019-05-10 16:36:57 UTC

A commit references this bug:

Author: jhb
Date: Fri May 10 16:36:38 UTC 2019
New revision: 347436
URL: https://svnweb.freebsd.org/changeset/base/347436

Log:
  MFC 340707:
  Define AHCI_PORT_IDENT and increase by 1 the VTBLK_BLK_ID_BYTES
  to avoid buffer accessed out of bounds, also switch to snprintf(3).

  PR:		200859

Changes:
_U  stable/11/
  stable/11/usr.sbin/bhyve/pci_ahci.c
  stable/11/usr.sbin/bhyve/pci_virtio_block.c