In humanize_number(), avoid an integer overflow if the buffer

provided is "too large" (log10(2^64) = 19). (It can still overflow if the input value is close to 2^64 but I don't consider this a problem.) fixes nonsense displayed as "total memory" on boot
2009-04-02 17:25:24 +00:00 · 2009-04-02 17:25:24 +00:00 · eb4f9278bc
parent f2ca316138
commit eb4f9278bc
1 changed files with 6 additions and 3 deletions
--- a/sys/kern/kern_subr.c
+++ b/sys/kern/kern_subr.c
@ -1,4 +1,4 @@
-/*	$NetBSD: kern_subr.c,v 1.198 2009/01/11 02:45:52 christos Exp $	*/
+/*	$NetBSD: kern_subr.c,v 1.199 2009/04/02 17:25:24 drochner Exp $	*/

 /*-
 * Copyright (c) 1997, 1998, 1999, 2002, 2007, 2008 The NetBSD Foundation, Inc.
@ -79,7 +79,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.198 2009/01/11 02:45:52 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.199 2009/04/02 17:25:24 drochner Exp $");

 #include "opt_ddb.h"
 #include "opt_md.h"
@ -1261,8 +1261,11 @@ humanize_number(char *buf, size_t len, uint64_t bytes, const char *suffix,
 		prefixes = " kMGTPE"; /* SI for decimal multiplies */

 	umax = 1;
-	for (i = 0; i < len - suffixlen - 3; i++)
+	for (i = 0; i < len - suffixlen - 3; i++) {
 		umax *= 10;
+		if (umax > bytes)
+			break;
+	}
 	for (i = 0; bytes >= umax && prefixes[i + 1]; i++)
 		bytes /= divisor;