The branch stable/12 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=72004aae0c335e6cb51923d6b80b372fca0f66e8
commit 72004aae0c335e6cb51923d6b80b372fca0f66e8 Author: Maxim Sobolev <[email protected]> AuthorDate: 2018-11-23 22:36:56 +0000 Commit: Kyle Evans <[email protected]> CommitDate: 2021-10-08 02:40:36 +0000 Nuke out buffer overflow safety marker code. It duplicates similar code in the malloc()/free() as well as having potential of softening the handling in case error is detected down to a mere warning as compared to hard panic in free(). (cherry picked from commit 6c81fe160cb922d35cc740e2fa8be1a9467d139f) --- stand/common/bcache.c | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/stand/common/bcache.c b/stand/common/bcache.c index bd83b1427693..a020f3c3c53c 100644 --- a/stand/common/bcache.c +++ b/stand/common/bcache.c @@ -86,7 +86,6 @@ static u_int bcache_rablks; ((bc)->bcache_ctl[BHASH((bc), (blkno))].bc_blkno != (blkno)) #define BCACHE_READAHEAD 256 #define BCACHE_MINREADAHEAD 32 -#define BCACHE_MARKER 0xdeadbeef static void bcache_invalidate(struct bcache *bc, daddr_t blkno); static void bcache_insert(struct bcache *bc, daddr_t blkno); @@ -123,7 +122,6 @@ bcache_allocate(void) u_int i; struct bcache *bc = malloc(sizeof (struct bcache)); int disks = bcache_numdev; - uint32_t *marker; if (disks == 0) disks = 1; /* safe guard */ @@ -142,8 +140,7 @@ bcache_allocate(void) bc->bcache_nblks = bcache_total_nblks >> i; bcache_unit_nblks = bc->bcache_nblks; - bc->bcache_data = malloc(bc->bcache_nblks * bcache_blksize + - sizeof(uint32_t)); + bc->bcache_data = malloc(bc->bcache_nblks * bcache_blksize); if (bc->bcache_data == NULL) { /* dont error out yet. fall back to 32 blocks and try again */ bc->bcache_nblks = 32; @@ -158,9 +155,6 @@ bcache_allocate(void) errno = ENOMEM; return (NULL); } - /* Insert cache end marker. */ - marker = (uint32_t *)(bc->bcache_data + bc->bcache_nblks * bcache_blksize); - *marker = BCACHE_MARKER; /* Flush the cache */ for (i = 0; i < bc->bcache_nblks; i++) { @@ -222,15 +216,12 @@ read_strategy(void *devdata, int rw, daddr_t blk, size_t size, int result; daddr_t p_blk; caddr_t p_buf; - uint32_t *marker; if (bc == NULL) { errno = ENODEV; return (-1); } - marker = (uint32_t *)(bc->bcache_data + bc->bcache_nblks * bcache_blksize); - if (rsize != NULL) *rsize = 0; @@ -350,12 +341,6 @@ read_strategy(void *devdata, int rw, daddr_t blk, size_t size, result = 0; } - if (*marker != BCACHE_MARKER) { - printf("BUG: bcache corruption detected: nblks: %zu p_blk: %lu, " - "p_size: %zu, ra: %zu\n", bc->bcache_nblks, - (long unsigned)BHASH(bc, p_blk), p_size, ra); - } - done: if ((result == 0) && (rsize != NULL)) *rsize = size;
