In article <tkr1u9a1ayw....@sigxcpu.sm.sony.co.jp>, <tsugutomo.en...@jp.sony.com> wrote: >> Modified Files: >> src/sbin/disklabel: main.c >> >> Log Message: >> CVE 1020933: Prevent integer overflow by using wider type >> >> To generate a diff of this commit: >> cvs rdiff -u -r1.33 -r1.34 src/sbin/disklabel/main.c > >Since the variable `offset' in find_label() is used to express an offset >within the array bootarea[], we don't need to change its type to off_t, >do we? > >I guess it is enough to warn when the value of LABEL_OFFSET doesn't fit >the bootarea[] (since the value can be altered by setting environment >variable LABELSECOTR and/or LABELOFFSET). > >enami. >
Are you worried about efficiency here? Yes, you can fix it differently by checking if LABEL_OFFSET fits. christos
