From: Theodore Ts'o Date: Mon, 7 Sep 2009 20:21:49 +0000 (-0400) Subject: libext2fs: Round up the bitmap size when allocating a new bitmap X-Git-Tag: v1.41.10~50 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=51e64594919c986f87267b895504322a38ec4fac;p=thirdparty%2Fe2fsprogs.git libext2fs: Round up the bitmap size when allocating a new bitmap The x86 BT assembly instructure can overshoot the end of a bit array when testing a bit at the end of the bit array, even if it never needs to look at those memory locations. This can cause a spurious segmentation fault. If we allocate a little extra memory, it avoids this problem. See: http://faydoc.tripod.com/cpu/bt.htm This doesn't happen on Linux, probably because of the glibc's malloc() function works, but apparently it's a major problem on the *BSD operating systems. Addresses-Sourceforge-Bug: #2328708 Signed-off-by: "Theodore Ts'o" --- diff --git a/lib/ext2fs/gen_bitmap.c b/lib/ext2fs/gen_bitmap.c index 1f7d2c4cf..54a39dcb5 100644 --- a/lib/ext2fs/gen_bitmap.c +++ b/lib/ext2fs/gen_bitmap.c @@ -103,6 +103,8 @@ errcode_t ext2fs_make_generic_bitmap(errcode_t magic, ext2_filsys fs, bitmap->description = 0; size = (size_t) (((bitmap->real_end - bitmap->start) / 8) + 1); + /* Round up to allow for the BT x86 instruction */ + size = (size + 7) & ~3; retval = ext2fs_get_mem(size, &bitmap->bitmap); if (retval) { ext2fs_free_mem(&bitmap->description);