From nobody@FreeBSD.org  Wed Jun  6 03:14:40 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3A2CE16A421
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  6 Jun 2007 03:14:40 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 2C8FA13C46A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  6 Jun 2007 03:14:40 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l563EdVV085563
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 6 Jun 2007 03:14:39 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l563EcGX085455;
	Wed, 6 Jun 2007 03:14:39 GMT
	(envelope-from nobody)
Message-Id: <200706060314.l563EcGX085455@www.freebsd.org>
Date: Wed, 6 Jun 2007 03:14:39 GMT
From: Staffan Ulfberg<staffan@ulfberg.se>
To: freebsd-gnats-submit@FreeBSD.org
Subject: growfs has singed int overflow in printf
X-Send-Pr-Version: www-3.0

>Number:         113399
>Category:       bin
>Synopsis:       [patch] growfs(8) has signed int overflow in printf
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    das
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 06 03:20:02 GMT 2007
>Closed-Date:    Sat Jan 26 08:23:30 UTC 2008
>Last-Modified:  Sat Jan 26 08:30:01 UTC 2008
>Originator:     Staffan Ulfberg
>Release:        6.2-STABLE
>Organization:
Harmonicode AB
>Environment:
FreeBSD multivac.fatburen.org 6.2-STABLE FreeBSD 6.2-STABLE #0: Sun May  6 19:09:39 CEST 2007     staffanu@multivac.fatburen.org:/usr/obj/usr/src/sys/MULTIVAC  i386
>Description:
When growfs prints out the cylinder numbers that are used for suber-block backups, it prints negative numbers for cylinders that are larger than 2^31.

The utility still works (at least it did for me when growing a 1.3 TB file system to 1.5 TB), but it looks quite worrying.  I for one did not proceed to actually run the tool (after having tested with -N) until I had checked the source code to see that the problem only appears in the printout.

>How-To-Repeat:
Run growfs on a file system larger than 1 TB.
>Fix:
multivac# diff -u growfs.c.orig growfs.c
--- growfs.c.orig       Wed Jun  6 05:13:05 2007
+++ growfs.c    Wed Jun  6 05:13:44 2007
@@ -259,8 +259,8 @@
         */
        for (cylno = osblock.fs_ncg; cylno < sblock.fs_ncg; cylno++) {
                initcg(cylno, utime, fso, Nflag);
-               j = sprintf(tmpbuf, " %d%s",
-                   (int)fsbtodb(&sblock, cgsblock(&sblock, cylno)),
+               j = sprintf(tmpbuf, " %jd%s",
+                   (intmax_t)fsbtodb(&sblock, cgsblock(&sblock, cylno)),
                    cylno < (sblock.fs_ncg-1) ? "," : "" );
                if (i + j >= width) {
                        printf("\n");


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->patched 
State-Changed-By: das 
State-Changed-When: Mon Dec 17 08:03:44 UTC 2007 
State-Changed-Why:  
Fixed in src/sbin/growfs/growfs.c,v 1.26 


Responsible-Changed-From-To: freebsd-bugs->das 
Responsible-Changed-By: das 
Responsible-Changed-When: Mon Dec 17 08:03:44 UTC 2007 
Responsible-Changed-Why:  
Fixed in src/sbin/growfs/growfs.c,v 1.26 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113399 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/113399: commit references a PR
Date: Mon, 17 Dec 2007 08:03:26 +0000 (UTC)

 das         2007-12-17 08:03:18 UTC
 
   FreeBSD src repository
 
   Modified files:
     sbin/growfs          growfs.c 
   Log:
   Fix an int overflow on very large file systems.
   
   PR:             bin/113399
   Submitted by:   Staffan Ulfberg <staffan@ulfberg.se>
   
   Revision  Changes    Path
   1.26      +2 -2      src/sbin/growfs/growfs.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: das 
State-Changed-When: Sat Jan 26 08:23:11 UTC 2008 
State-Changed-Why:  
MFC'd to RELENG_7. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113399 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/113399: commit references a PR
Date: Sat, 26 Jan 2008 08:21:17 +0000 (UTC)

 das         2008-01-26 08:21:12 UTC
 
   FreeBSD src repository
 
   Modified files:        (Branch: RELENG_7)
     sbin/growfs          growfs.c 
   Log:
   MFC growfs.c,v 1.26
   
       Fix an int overflow on very large file systems.
   
       PR:                 bin/113399
       Submitted by:       Staffan Ulfberg <staffan@ulfberg.se>
   
   Revision  Changes    Path
   1.25.2.1  +2 -2      src/sbin/growfs/growfs.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
