CVS commit: src/sys

Maxime Villard Sat, 22 Mar 2014 01:15:55 -0700

Module Name:    src
Committed By:   maxv
Date:           Sat Mar 22 08:15:25 UTC 2014


Modified Files:
        src/sys/compat/netbsd32: netbsd32_netbsd.c
        src/sys/kern: vfs_syscalls.c

Log Message:
Fix a potential - but very unlikely - NULL pointer dereference.
(it does not introduce a new error code for open(), since
 pathbuf_copyin() is already there and can return ENOMEM)

Found by my code scanner.


To generate a diff of this commit:
cvs rdiff -u -r1.184 -r1.185 src/sys/compat/netbsd32/netbsd32_netbsd.c
cvs rdiff -u -r1.476 -r1.477 src/sys/kern/vfs_syscalls.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/compat/netbsd32/netbsd32_netbsd.c
diff -u src/sys/compat/netbsd32/netbsd32_netbsd.c:1.184 src/sys/compat/netbsd32/netbsd32_netbsd.c:1.185
--- src/sys/compat/netbsd32/netbsd32_netbsd.c:1.184	Mon Feb  3 13:20:20 2014
+++ src/sys/compat/netbsd32/netbsd32_netbsd.c	Sat Mar 22 08:15:25 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: netbsd32_netbsd.c,v 1.184 2014/02/03 13:20:20 manu Exp $	*/
+/*	$NetBSD: netbsd32_netbsd.c,v 1.185 2014/03/22 08:15:25 maxv Exp $	*/
 
 /*
  * Copyright (c) 1998, 2001, 2008 Matthew R. Green
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.184 2014/02/03 13:20:20 manu Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.185 2014/03/22 08:15:25 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_ddb.h"
@@ -241,8 +241,11 @@ netbsd32_open(struct lwp *l, const struc
 		error = pathbuf_copyin(SCARG(&ua, path), &pb);
 		if (error) 
 			return error; 
-	} else
+	} else {
 		pb = pathbuf_create(".");
+		if (pb == NULL)
+			return ENOMEM;
+	}
                 
         error = do_open(l, NULL, pb, SCARG(&ua, flags), SCARG(&ua, mode), &fd);
         pathbuf_destroy(pb);

Index: src/sys/kern/vfs_syscalls.c
diff -u src/sys/kern/vfs_syscalls.c:1.476 src/sys/kern/vfs_syscalls.c:1.477
--- src/sys/kern/vfs_syscalls.c:1.476	Sat Feb 15 22:32:16 2014
+++ src/sys/kern/vfs_syscalls.c	Sat Mar 22 08:15:25 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_syscalls.c,v 1.476 2014/02/15 22:32:16 njoly Exp $	*/
+/*	$NetBSD: vfs_syscalls.c,v 1.477 2014/03/22 08:15:25 maxv Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.476 2014/02/15 22:32:16 njoly Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.477 2014/03/22 08:15:25 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_fileassoc.h"
@@ -1624,9 +1624,11 @@ do_sys_openat(lwp_t *l, int fdat, const 
 	int error;
 
 #ifdef COMPAT_10	/* XXX: and perhaps later */
-	if (path == NULL)
+	if (path == NULL) {
 		pb = pathbuf_create(".");
-	else
+		if (pb == NULL)
+			return ENOMEM;
+	} else
 #endif
 	{
 		error = pathbuf_copyin(path, &pb);

CVS commit: src/sys

Reply via email to