CVS commit: [netbsd-8] src/sys

Martin Husemann Fri, 17 Jul 2020 08:28:25 -0700

Module Name:    src
Committed By:   martin
Date:           Fri Jul 17 15:28:08 UTC 2020


Modified Files:
        src/sys/compat/common [netbsd-8]: uipc_syscalls_40.c
        src/sys/compat/linux/common [netbsd-8]: linux_socket.c
        src/sys/compat/linux32/common [netbsd-8]: linux32_socket.c
        src/sys/net [netbsd-8]: if.c

Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #1576):

        sys/net/if.c: revision 1.479
        sys/compat/common/uipc_syscalls_40.c: revision 1.23
        sys/compat/linux/common/linux_socket.c: revision 1.150
        sys/compat/linux32/common/linux32_socket.c: revision 1.31

 Don't accept negative value.


To generate a diff of this commit:
cvs rdiff -u -r1.13.6.3 -r1.13.6.4 src/sys/compat/common/uipc_syscalls_40.c
cvs rdiff -u -r1.138.6.5 -r1.138.6.6 \
    src/sys/compat/linux/common/linux_socket.c
cvs rdiff -u -r1.27.6.3 -r1.27.6.4 \
    src/sys/compat/linux32/common/linux32_socket.c
cvs rdiff -u -r1.394.2.18 -r1.394.2.19 src/sys/net/if.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/compat/common/uipc_syscalls_40.c
diff -u src/sys/compat/common/uipc_syscalls_40.c:1.13.6.3 src/sys/compat/common/uipc_syscalls_40.c:1.13.6.4
--- src/sys/compat/common/uipc_syscalls_40.c:1.13.6.3	Fri Apr 19 09:12:58 2019
+++ src/sys/compat/common/uipc_syscalls_40.c	Fri Jul 17 15:28:07 2020
@@ -1,9 +1,9 @@
-/*	$NetBSD: uipc_syscalls_40.c,v 1.13.6.3 2019/04/19 09:12:58 martin Exp $	*/
+/*	$NetBSD: uipc_syscalls_40.c,v 1.13.6.4 2020/07/17 15:28:07 martin Exp $	*/
 
 /* written by Pavel Cahyna, 2006. Public domain. */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.13.6.3 2019/04/19 09:12:58 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.13.6.4 2020/07/17 15:28:07 martin Exp $");
 
 /*
  * System call interface to the socket abstraction.
@@ -42,11 +42,14 @@ compat_ifconf(u_long cmd, void *data)
 	int bound;
 	struct psref psref;
 
-	memset(&ifr, 0, sizeof(ifr));
 	if (docopy) {
+		if (ifc->ifc_len < 0)
+			return EINVAL;
+
 		space = ifc->ifc_len;
 		ifrp = ifc->ifc_req;
 	}
+	memset(&ifr, 0, sizeof(ifr));
 
 	bound = curlwp_bind();
 	s = pserialize_read_enter();

Index: src/sys/compat/linux/common/linux_socket.c
diff -u src/sys/compat/linux/common/linux_socket.c:1.138.6.5 src/sys/compat/linux/common/linux_socket.c:1.138.6.6
--- src/sys/compat/linux/common/linux_socket.c:1.138.6.5	Tue Jan 21 18:12:54 2020
+++ src/sys/compat/linux/common/linux_socket.c	Fri Jul 17 15:28:08 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux_socket.c,v 1.138.6.5 2020/01/21 18:12:54 martin Exp $	*/
+/*	$NetBSD: linux_socket.c,v 1.138.6.6 2020/07/17 15:28:08 martin Exp $	*/
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.138.6.5 2020/01/21 18:12:54 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.138.6.6 2020/07/17 15:28:08 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -1156,12 +1156,15 @@ linux_getifconf(struct lwp *l, register_
 	if (error)
 		return error;
 
-	memset(&ifr, 0, sizeof(ifr));
 	docopy = ifc.ifc_req != NULL;
 	if (docopy) {
+		if (ifc.ifc_len < 0)
+			return EINVAL;
+
 		space = ifc.ifc_len;
 		ifrp = ifc.ifc_req;
 	}
+	memset(&ifr, 0, sizeof(ifr));
 
 	bound = curlwp_bind();
 	s = pserialize_read_enter();

Index: src/sys/compat/linux32/common/linux32_socket.c
diff -u src/sys/compat/linux32/common/linux32_socket.c:1.27.6.3 src/sys/compat/linux32/common/linux32_socket.c:1.27.6.4
--- src/sys/compat/linux32/common/linux32_socket.c:1.27.6.3	Fri Apr 19 09:12:58 2019
+++ src/sys/compat/linux32/common/linux32_socket.c	Fri Jul 17 15:28:08 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux32_socket.c,v 1.27.6.3 2019/04/19 09:12:58 martin Exp $ */
+/*	$NetBSD: linux32_socket.c,v 1.27.6.4 2020/07/17 15:28:08 martin Exp $ */
 
 /*-
  * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@@ -33,7 +33,7 @@
 
 #include <sys/cdefs.h>
 
-__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.27.6.3 2019/04/19 09:12:58 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.27.6.4 2020/07/17 15:28:08 martin Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -431,12 +431,15 @@ linux32_getifconf(struct lwp *l, registe
 	if (error)
 		return error;
 
-	memset(&ifr, 0, sizeof(ifr));
 	docopy = NETBSD32PTR64(ifc.ifc_req) != NULL;
 	if (docopy) {
+		if (ifc.ifc_len < 0)
+			return EINVAL;
+
 		space = ifc.ifc_len;
 		ifrp = NETBSD32PTR64(ifc.ifc_req);
 	}
+	memset(&ifr, 0, sizeof(ifr));
 
 	bound = curlwp_bind();
 	s = pserialize_read_enter();

Index: src/sys/net/if.c
diff -u src/sys/net/if.c:1.394.2.18 src/sys/net/if.c:1.394.2.19
--- src/sys/net/if.c:1.394.2.18	Tue Sep 24 18:27:09 2019
+++ src/sys/net/if.c	Fri Jul 17 15:28:07 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: if.c,v 1.394.2.18 2019/09/24 18:27:09 martin Exp $	*/
+/*	$NetBSD: if.c,v 1.394.2.19 2020/07/17 15:28:07 martin Exp $	*/
 
 /*-
  * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.394.2.18 2019/09/24 18:27:09 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.394.2.19 2020/07/17 15:28:07 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -3392,11 +3392,14 @@ ifconf(u_long cmd, void *data)
 	int bound;
 	struct psref psref;
 
-	memset(&ifr, 0, sizeof(ifr));
 	if (docopy) {
+		if (ifc->ifc_len < 0)
+			return EINVAL;
+
 		space = ifc->ifc_len;
 		ifrp = ifc->ifc_req;
 	}
+	memset(&ifr, 0, sizeof(ifr));
 
 	bound = curlwp_bind();
 	s = pserialize_read_enter();

CVS commit: [netbsd-8] src/sys

Reply via email to