From f7788a6bcd1d1d2a8f0a9140eeff6b6a7e4b2aec Mon Sep 17 00:00:00 2001
From: mckusick
Date: Fri, 23 Feb 2018 23:07:41 +0000
Subject: [PATCH] MFC of 329749. Fix a read past the end of a buffer in fsck.

git-svn-id: svn://svn.freebsd.org/base/stable/10@329883 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
---
 sbin/fsck_ffs/inode.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sbin/fsck_ffs/inode.c b/sbin/fsck_ffs/inode.c
index e8baf097c..0f94c9db4 100644
--- a/sbin/fsck_ffs/inode.c
+++ b/sbin/fsck_ffs/inode.c
@@ -451,8 +451,10 @@ cacheino(union dinode *dp, ino_t inumber)
 
 if (howmany(DIP(dp, di_size), sblock.fs_bsize) > NDADDR)
 blks = NDADDR + NIADDR;
- else
+ else if (DIP(dp, di_size) > 0)
 blks = howmany(DIP(dp, di_size), sblock.fs_bsize);
+ else
+ blks = 1;
 inp = (struct inoinfo *)
 Malloc(sizeof(*inp) + (blks - 1) * sizeof(ufs2_daddr_t));
 if (inp == NULL)
-- 
2.45.0
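Review bot: The new `else blks = 1;` branch carries no comment naming the invariant it restores, although that invariant is the whole fix: the `Malloc` line sizes the record as `sizeof(*inp) + (blks - 1) * sizeof(ufs2_daddr_t)`, so a `di_size` of zero used to give `blks == 0` and a request smaller than `sizeof(*inp)`. I would add above the assignment `/* di_size == 0: keep blks >= 1 so the (blks - 1) sizing below cannot go negative */`. `di_size` comes from the on-disk inode, which fsck has to treat as untrusted, so the comment should say that the clamp guards against a damaged or crafted inode and is not a normal-case default. The declaration of `blks` and the code that later reads or copies the block array are outside this hunk, so it is worth confirming that the copy length is derived from the same clamped `blks` and not recomputed from `di_size`.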