CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Kyle Evans <kevans@FreeBSD.org>
	Wed, 24 Jan 2024 19:36:26 +0000 (13:36 -0600)
committer	Kyle Evans <kevans@FreeBSD.org>
	Wed, 24 Jan 2024 19:48:31 +0000 (13:48 -0600)
commit	5738d741fb796c1f0a6b5c2157af7de58104ac97
tree	0395caa6b10f5dedf57587dcd855b3e445feadc1	tree \| snapshot
parent	8b82f36f890391e063ad64746ec612aeabfc2c41	commit \| diff

kern: tty: fix recanonicalization

`ti->ti_begin` is actually the offset within the first block that is
unread, so we must use that for our lower bound.

Moving to the previous block has to be done at the end of the loop in
order to correctly handle the case of ti_begin == TTYINQ_DATASIZE.  At
that point, lastblock is still the last one with data written and the
next write into the queue would advance lastblock.  If we move to the
previous block at the beginning, then we're essentially off by one block
for the entire scan and run the risk of running off the end of the block
queue.

The ti_begin == 0 case is still handled correctly, as we skip the loop
entirely and the linestart gets recorded as the first byte available for
writing.  The bit after the loop about moving to the next block is also
still correct, even with both previous fixes in mind: we skipped moving
to the previous block if we hit ti_begin, and `off + 1` would in-fact be
a member of the next block from where we're reading if it falls on a
block boundary.

Reported by: dim
Fixes: 522083ffbd1ab ("kern: tty: recanonicalize the buffer on [...]")