Module Name: src Committed By: kamil Date: Thu Jun 11 00:33:30 UTC 2020
Modified Files: src/sys/rump/librump/rumpkern: rump.c Log Message: Follow the syscall() logic and mask unsupported syscall ranges in rump Avoids invalid pointer dereference from too large syscall numbers. To generate a diff of this commit: cvs rdiff -u -r1.348 -r1.349 src/sys/rump/librump/rumpkern/rump.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/rump/librump/rumpkern/rump.c diff -u src/sys/rump/librump/rumpkern/rump.c:1.348 src/sys/rump/librump/rumpkern/rump.c:1.349 --- src/sys/rump/librump/rumpkern/rump.c:1.348 Sat May 23 23:42:44 2020 +++ src/sys/rump/librump/rumpkern/rump.c Thu Jun 11 00:33:30 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: rump.c,v 1.348 2020/05/23 23:42:44 ad Exp $ */ +/* $NetBSD: rump.c,v 1.349 2020/06/11 00:33:30 kamil Exp $ */ /* * Copyright (c) 2007-2011 Antti Kantee. All Rights Reserved. @@ -26,7 +26,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: rump.c,v 1.348 2020/05/23 23:42:44 ad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: rump.c,v 1.349 2020/06/11 00:33:30 kamil Exp $"); #include <sys/systm.h> #define ELFSIZE ARCH_ELFSIZE @@ -756,7 +756,9 @@ rump_syscall(int num, void *data, size_t p = curproc; e = p->p_emul; #ifndef __HAVE_MINIMAL_EMUL - KASSERT(num > 0 && num < e->e_nsysent); + num &= e->e_nsysent - 1; +#else + num &= SYS_NSYSENT - 1; #endif callp = e->e_sysent + num;