Module: xenomai-forge
Branch: next
Commit: b9e8979379e40aaaae9790007cdfdd157d34632f
URL:    
http://git.xenomai.org/?p=xenomai-forge.git;a=commit;h=b9e8979379e40aaaae9790007cdfdd157d34632f

Author: Philippe Gerum <r...@xenomai.org>
Date:   Fri Aug 15 18:23:56 2014 +0200

cobalt/rtdm, lib/cobalt: do not dereference path from open() wrapper

In the event of receiving an invalid path pointer in open(), we don't
want to dereference it from userland, but rather let the kernel handle
the access trap gracefully, and send back -EFAULT to the library.

For this reason, move the "/dev/" stripping to kernel space.

---

 kernel/cobalt/rtdm/core.c |    4 ++++
 lib/cobalt/rtdm.c         |   18 ++++++------------
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/kernel/cobalt/rtdm/core.c b/kernel/cobalt/rtdm/core.c
index a89945c..c16b163 100644
--- a/kernel/cobalt/rtdm/core.c
+++ b/kernel/cobalt/rtdm/core.c
@@ -145,6 +145,10 @@ int __rt_dev_open(struct xnsys_ppd *p, int ufd, const char *path, int oflag)
        struct rtdm_dev_context *context;
        int ret, minor;
 
+       /* skip common /dev prefix */
+       if (strncmp(path, "/dev/", 5) == 0)
+               path += 5;
+
        device = __rtdm_get_named_device(path, &minor);
        ret = -ENODEV;
        if (!device)
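Review bot: The `strncmp(path, "/dev/", 5)` added at the top of `__rt_dev_open()` is only safe if `path` is already a NUL-terminated kernel-side copy at this point; the hunk does not show where the string comes from, so this should be confirmed, since calling `strncmp()` on a raw user pointer would merely move the unchecked dereference into the kernel. If the syscall handler copies the name into a fixed-size buffer sized for a device name (not visible here), the five prefix bytes now count against that limit and a long `/dev/...` name could be truncated before the lookup, in which case the buffer should grow by the prefix length. A comment stating the contract would help, for example `/* path: kernel copy, NUL-terminated; skip common /dev prefix */`. The function body starts and continues outside the hunk.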
diff --git a/lib/cobalt/rtdm.c b/lib/cobalt/rtdm.c
index bc5ae6c..f6b8fde 100644
--- a/lib/cobalt/rtdm.c
+++ b/lib/cobalt/rtdm.c
@@ -45,27 +45,21 @@ static inline int set_errno(int ret)
 COBALT_IMPL(int, open, (const char *path, int oflag, ...))
 {
        int ret, fd, oldtype;
-       const char *rtdm_path = path;
        va_list ap;
 
        fd = __STD(open("/dev/null", O_RDONLY));
        if (fd < 0)
                return fd;
-
+       /*
+        * Don't dereference path, as it might be invalid. Leave it to
+        * the kernel service.
+        */
        pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldtype);
-
-       /* skip path prefix for RTDM invocation */
-       if (strncmp(path, "/dev/", 5) == 0)
-               rtdm_path += 5;
-
-       ret = XENOMAI_SKINCALL3(__rtdm_muxid,
-                               sc_rtdm_open,
-                               fd, rtdm_path, oflag);
-
+       ret = XENOMAI_SKINCALL3(__rtdm_muxid, sc_rtdm_open, fd, path, oflag);
        pthread_setcanceltype(oldtype, NULL);
-
        if (ret == fd)
                return fd;
+
        __STD(close(fd));
 
        if (ret != -ENODEV && ret != -ENOSYS)
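Review bot: With the prefix no longer stripped in the wrapper, `XENOMAI_SKINCALL3(__rtdm_muxid, sc_rtdm_open, fd, path, oflag)` relies on the kernel side doing it, so a library built from this commit running against a kernel without the core.c change would pass `/dev/name` unstripped and most likely get `-ENODEV`. Judging from the `ret != -ENODEV && ret != -ENOSYS` test at the end of the hunk, that code appears to be treated as "not an RTDM device", so the mismatch would probably not surface as an error to the caller. If the project's ABI revision check does not already cover this pairing, it is worth bumping it together with this change. Separately, the new comment would read better directly above the syscall line than above `pthread_setcanceltype()`, e.g. `/* Pass path through untouched: the kernel strips "/dev/" and returns -EFAULT on a bad pointer. */`. The function body continues past the hunk.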

