Module Name: src
Committed By: sborrill
Date: Fri Apr 25 15:43:51 UTC 2014
Modified Files:
src/sys/coda [netbsd-5]: coda_vfsops.c
src/sys/fs/adosfs [netbsd-5]: advfsops.c
src/sys/fs/cd9660 [netbsd-5]: cd9660_vfsops.c
src/sys/fs/efs [netbsd-5]: efs_vfsops.c
src/sys/fs/filecorefs [netbsd-5]: filecore_vfsops.c
src/sys/fs/hfs [netbsd-5]: hfs_vfsops.c
src/sys/fs/msdosfs [netbsd-5]: msdosfs_vfsops.c
src/sys/fs/ntfs [netbsd-5]: ntfs_vfsops.c
src/sys/fs/ptyfs [netbsd-5]: ptyfs_vfsops.c
src/sys/fs/puffs [netbsd-5]: puffs_vfsops.c
src/sys/fs/smbfs [netbsd-5]: smbfs_vfsops.c
src/sys/fs/sysvbfs [netbsd-5]: sysvbfs_vfsops.c
src/sys/fs/tmpfs [netbsd-5]: tmpfs_vfsops.c
src/sys/fs/udf [netbsd-5]: udf_vfsops.c
src/sys/fs/union [netbsd-5]: union_vfsops.c
src/sys/fs/unionfs [netbsd-5]: unionfs_vfsops.c
src/sys/kern [netbsd-5]: vfs_syscalls.c
src/sys/miscfs/nullfs [netbsd-5]: null_vfsops.c
src/sys/miscfs/overlay [netbsd-5]: overlay_vfsops.c
src/sys/miscfs/procfs [netbsd-5]: procfs_vfsops.c
src/sys/miscfs/umapfs [netbsd-5]: umap_vfsops.c
src/sys/nfs [netbsd-5]: nfs_vfsops.c
src/sys/ufs/ext2fs [netbsd-5]: ext2fs_vfsops.c
src/sys/ufs/ffs [netbsd-5]: ffs_vfsops.c
src/sys/ufs/lfs [netbsd-5]: lfs_vfsops.c
src/sys/ufs/mfs [netbsd-5]: mfs_vfsops.c
Log Message:
Pull up the following revisions(s) (requested by maxv in ticket #1901):
sys/kern/vfs_syscalls.c: revision 1.478, 1.480 via patch
sys/coda/coda_vfsops.c: revision 1.81
sys/fs/adosfs/advfsops.c: revision 1.70
sys/fs/cd9660/cd9660_vfsops.c: revision 1.84
sys/fs/efs/efs_vfsops.c: revision 1.25
sys/fs/filecorefs/filecore_vfsops.c: revision 1.76
sys/fs/hfs/hfs_vfsops.c: revision 1.31
sys/fs/msdosfs/msdosfs_vfsops.c: revision 1.107
sys/fs/ntfs/ntfs_vfsops.c: revision 1.94
sys/fs/ptyfs/ptyfs_vfsops.c: revision 1.50 via patch
sys/fs/puffs/puffs_vfsops.c: revision 1.110 via patch
sys/fs/smbfs/smbfs_vfsops.c: revision 1.100
sys/fs/sysvbfs/sysvbfs_vfsops.c: revision 1.43
sys/fs/tmpfs/tmpfs_vfsops.c: revision 1.59 via patch
sys/fs/udf/udf_vfsops.c: revision 1.67
sys/fs/union/union_vfsops.c: revision 1.72
sys/fs/unionfs/unionfs_vfsops.c: revision 1.13
sys/kern/vfs_syscalls.c: revision 1.479
sys/miscfs/nullfs/null_vfsops.c: revision 1.88 via patch
sys/miscfs/overlay/overlay_vfsops.c: revision 1.61
sys/miscfs/procfs/procfs_vfsops.c: revision 1.91
sys/miscfs/umapfs/umap_vfsops.c: revision 1.92
sys/nfs/nfs_vfsops.c: revision 1.227
sys/ufs/ext2fs/ext2fs_vfsops.c: revision 1.180
sys/ufs/ffs/ffs_vfsops.c: revision 1.297
sys/ufs/lfs/lfs_vfsops.c: revision 1.321
sys/ufs/mfs/mfs_vfsops.c: revision 1.107
Due to missing checks in the mount syscall, and a wrong assumption on the
file systems side, the kernel could allocate an unbounded or zero-sized
memory buffer, and could dereference a NULL pointer when particular
arguments are given by a user.
To generate a diff of this commit:
cvs rdiff -u -r1.66 -r1.66.8.1 src/sys/coda/coda_vfsops.c
cvs rdiff -u -r1.53 -r1.53.6.1 src/sys/fs/adosfs/advfsops.c
cvs rdiff -u -r1.63.6.1 -r1.63.6.2 src/sys/fs/cd9660/cd9660_vfsops.c
cvs rdiff -u -r1.16.4.1 -r1.16.4.2 src/sys/fs/efs/efs_vfsops.c
cvs rdiff -u -r1.55 -r1.55.6.1 src/sys/fs/filecorefs/filecore_vfsops.c
cvs rdiff -u -r1.19 -r1.19.4.1 src/sys/fs/hfs/hfs_vfsops.c
cvs rdiff -u -r1.68.6.2 -r1.68.6.3 src/sys/fs/msdosfs/msdosfs_vfsops.c
cvs rdiff -u -r1.72.6.1 -r1.72.6.2 src/sys/fs/ntfs/ntfs_vfsops.c
cvs rdiff -u -r1.37 -r1.37.4.1 src/sys/fs/ptyfs/ptyfs_vfsops.c
cvs rdiff -u -r1.81.8.3 -r1.81.8.4 src/sys/fs/puffs/puffs_vfsops.c
cvs rdiff -u -r1.85.4.1 -r1.85.4.2 src/sys/fs/smbfs/smbfs_vfsops.c
cvs rdiff -u -r1.26 -r1.26.4.1 src/sys/fs/sysvbfs/sysvbfs_vfsops.c
cvs rdiff -u -r1.44 -r1.44.4.1 src/sys/fs/tmpfs/tmpfs_vfsops.c
cvs rdiff -u -r1.52.2.3 -r1.52.2.4 src/sys/fs/udf/udf_vfsops.c
cvs rdiff -u -r1.57.6.2 -r1.57.6.3 src/sys/fs/union/union_vfsops.c
cvs rdiff -u -r1.5 -r1.5.6.1 src/sys/fs/unionfs/unionfs_vfsops.c
cvs rdiff -u -r1.376.4.7 -r1.376.4.8 src/sys/kern/vfs_syscalls.c
cvs rdiff -u -r1.77 -r1.77.6.1 src/sys/miscfs/nullfs/null_vfsops.c
cvs rdiff -u -r1.53 -r1.53.6.1 src/sys/miscfs/overlay/overlay_vfsops.c
cvs rdiff -u -r1.81 -r1.81.6.1 src/sys/miscfs/procfs/procfs_vfsops.c
cvs rdiff -u -r1.80 -r1.80.6.1 src/sys/miscfs/umapfs/umap_vfsops.c
cvs rdiff -u -r1.203 -r1.203.4.1 src/sys/nfs/nfs_vfsops.c
cvs rdiff -u -r1.137.6.6 -r1.137.6.7 src/sys/ufs/ext2fs/ext2fs_vfsops.c
cvs rdiff -u -r1.239.2.4 -r1.239.2.5 src/sys/ufs/ffs/ffs_vfsops.c
cvs rdiff -u -r1.267.6.1 -r1.267.6.2 src/sys/ufs/lfs/lfs_vfsops.c
cvs rdiff -u -r1.98 -r1.98.6.1 src/sys/ufs/mfs/mfs_vfsops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/coda/coda_vfsops.c
diff -u src/sys/coda/coda_vfsops.c:1.66 src/sys/coda/coda_vfsops.c:1.66.8.1
--- src/sys/coda/coda_vfsops.c:1.66 Sat May 10 02:26:09 2008
+++ src/sys/coda/coda_vfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: coda_vfsops.c,v 1.66 2008/05/10 02:26:09 rumble Exp $ */
+/* $NetBSD: coda_vfsops.c,v 1.66.8.1 2014/04/25 15:43:49 sborrill Exp $ */
/*
*
@@ -45,7 +45,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: coda_vfsops.c,v 1.66 2008/05/10 02:26:09 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: coda_vfsops.c,v 1.66.8.1 2014/04/25 15:43:49 sborrill Exp $");
#ifdef _LKM
#define NVCODA 4
@@ -186,6 +186,8 @@ coda_mount(struct mount *vfsp, /* Alloca
CodaFid ctlfid = CTL_FID;
int error;
+ if (data == NULL)
+ return EINVAL;
if (vfsp->mnt_flag & MNT_GETARGS)
return EINVAL;
ENTRY;
Index: src/sys/fs/adosfs/advfsops.c
diff -u src/sys/fs/adosfs/advfsops.c:1.53 src/sys/fs/adosfs/advfsops.c:1.53.6.1
--- src/sys/fs/adosfs/advfsops.c:1.53 Sat Jun 28 01:34:05 2008
+++ src/sys/fs/adosfs/advfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: advfsops.c,v 1.53 2008/06/28 01:34:05 rumble Exp $ */
+/* $NetBSD: advfsops.c,v 1.53.6.1 2014/04/25 15:43:49 sborrill Exp $ */
/*
* Copyright (c) 1994 Christian E. Hopps
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: advfsops.c,v 1.53 2008/06/28 01:34:05 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: advfsops.c,v 1.53.6.1 2014/04/25 15:43:49 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -99,6 +99,8 @@ adosfs_mount(mp, path, data, data_len)
int error;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/cd9660/cd9660_vfsops.c
diff -u src/sys/fs/cd9660/cd9660_vfsops.c:1.63.6.1 src/sys/fs/cd9660/cd9660_vfsops.c:1.63.6.2
--- src/sys/fs/cd9660/cd9660_vfsops.c:1.63.6.1 Tue Oct 27 21:58:34 2009
+++ src/sys/fs/cd9660/cd9660_vfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: cd9660_vfsops.c,v 1.63.6.1 2009/10/27 21:58:34 bouyer Exp $ */
+/* $NetBSD: cd9660_vfsops.c,v 1.63.6.2 2014/04/25 15:43:49 sborrill Exp $ */
/*-
* Copyright (c) 1994
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cd9660_vfsops.c,v 1.63.6.1 2009/10/27 21:58:34 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cd9660_vfsops.c,v 1.63.6.2 2014/04/25 15:43:49 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -225,6 +225,8 @@ cd9660_mount(struct mount *mp, const cha
int error;
struct iso_mnt *imp = VFSTOISOFS(mp);
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/efs/efs_vfsops.c
diff -u src/sys/fs/efs/efs_vfsops.c:1.16.4.1 src/sys/fs/efs/efs_vfsops.c:1.16.4.2
--- src/sys/fs/efs/efs_vfsops.c:1.16.4.1 Tue Jan 6 23:34:46 2009
+++ src/sys/fs/efs/efs_vfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: efs_vfsops.c,v 1.16.4.1 2009/01/06 23:34:46 snj Exp $ */
+/* $NetBSD: efs_vfsops.c,v 1.16.4.2 2014/04/25 15:43:49 sborrill Exp $ */
/*
* Copyright (c) 2006 Stephen M. Rumble <[email protected]>
@@ -17,7 +17,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: efs_vfsops.c,v 1.16.4.1 2009/01/06 23:34:46 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: efs_vfsops.c,v 1.16.4.2 2014/04/25 15:43:49 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -180,6 +180,8 @@ efs_mount(struct mount *mp, const char *
struct vnode *devvp;
int err, mode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/filecorefs/filecore_vfsops.c
diff -u src/sys/fs/filecorefs/filecore_vfsops.c:1.55 src/sys/fs/filecorefs/filecore_vfsops.c:1.55.6.1
--- src/sys/fs/filecorefs/filecore_vfsops.c:1.55 Sat Jun 28 01:34:05 2008
+++ src/sys/fs/filecorefs/filecore_vfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: filecore_vfsops.c,v 1.55 2008/06/28 01:34:05 rumble Exp $ */
+/* $NetBSD: filecore_vfsops.c,v 1.55.6.1 2014/04/25 15:43:49 sborrill Exp $ */
/*-
* Copyright (c) 1994 The Regents of the University of California.
@@ -66,7 +66,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: filecore_vfsops.c,v 1.55 2008/06/28 01:34:05 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: filecore_vfsops.c,v 1.55.6.1 2014/04/25 15:43:49 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -250,6 +250,8 @@ filecore_mount(mp, path, data, data_len)
int error;
struct filecore_mnt *fcmp = NULL;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/hfs/hfs_vfsops.c
diff -u src/sys/fs/hfs/hfs_vfsops.c:1.19 src/sys/fs/hfs/hfs_vfsops.c:1.19.4.1
--- src/sys/fs/hfs/hfs_vfsops.c:1.19 Wed Sep 3 22:57:46 2008
+++ src/sys/fs/hfs/hfs_vfsops.c Fri Apr 25 15:43:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: hfs_vfsops.c,v 1.19 2008/09/03 22:57:46 gmcgarry Exp $ */
+/* $NetBSD: hfs_vfsops.c,v 1.19.4.1 2014/04/25 15:43:49 sborrill Exp $ */
/*-
* Copyright (c) 2005, 2007 The NetBSD Foundation, Inc.
@@ -99,7 +99,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: hfs_vfsops.c,v 1.19 2008/09/03 22:57:46 gmcgarry Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hfs_vfsops.c,v 1.19.4.1 2014/04/25 15:43:49 sborrill Exp $");
#ifdef _KERNEL_OPT
#include "opt_compat_netbsd.h"
@@ -206,6 +206,8 @@ hfs_mount(struct mount *mp, const char *
int update;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/msdosfs/msdosfs_vfsops.c
diff -u src/sys/fs/msdosfs/msdosfs_vfsops.c:1.68.6.2 src/sys/fs/msdosfs/msdosfs_vfsops.c:1.68.6.3
--- src/sys/fs/msdosfs/msdosfs_vfsops.c:1.68.6.2 Sun Feb 8 19:10:44 2009
+++ src/sys/fs/msdosfs/msdosfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: msdosfs_vfsops.c,v 1.68.6.2 2009/02/08 19:10:44 snj Exp $ */
+/* $NetBSD: msdosfs_vfsops.c,v 1.68.6.3 2014/04/25 15:43:50 sborrill Exp $ */
/*-
* Copyright (C) 1994, 1995, 1997 Wolfgang Solfrank.
@@ -48,7 +48,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: msdosfs_vfsops.c,v 1.68.6.2 2009/02/08 19:10:44 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: msdosfs_vfsops.c,v 1.68.6.3 2014/04/25 15:43:50 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_quota.h"
@@ -300,6 +300,8 @@ msdosfs_mount(mp, path, data, data_len)
int error, flags;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/ntfs/ntfs_vfsops.c
diff -u src/sys/fs/ntfs/ntfs_vfsops.c:1.72.6.1 src/sys/fs/ntfs/ntfs_vfsops.c:1.72.6.2
--- src/sys/fs/ntfs/ntfs_vfsops.c:1.72.6.1 Thu Sep 10 07:33:24 2009
+++ src/sys/fs/ntfs/ntfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: ntfs_vfsops.c,v 1.72.6.1 2009/09/10 07:33:24 snj Exp $ */
+/* $NetBSD: ntfs_vfsops.c,v 1.72.6.2 2014/04/25 15:43:50 sborrill Exp $ */
/*-
* Copyright (c) 1998, 1999 Semen Ustimenko
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ntfs_vfsops.c,v 1.72.6.1 2009/09/10 07:33:24 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ntfs_vfsops.c,v 1.72.6.2 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -176,6 +176,8 @@ ntfs_mount (
struct vnode *devvp;
struct ntfs_args *args = data;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/ptyfs/ptyfs_vfsops.c
diff -u src/sys/fs/ptyfs/ptyfs_vfsops.c:1.37 src/sys/fs/ptyfs/ptyfs_vfsops.c:1.37.4.1
--- src/sys/fs/ptyfs/ptyfs_vfsops.c:1.37 Sun Oct 26 23:06:41 2008
+++ src/sys/fs/ptyfs/ptyfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: ptyfs_vfsops.c,v 1.37 2008/10/26 23:06:41 joerg Exp $ */
+/* $NetBSD: ptyfs_vfsops.c,v 1.37.4.1 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 1992, 1993, 1995
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ptyfs_vfsops.c,v 1.37 2008/10/26 23:06:41 joerg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ptyfs_vfsops.c,v 1.37.4.1 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -186,6 +186,8 @@ ptyfs_mount(struct mount *mp, const char
struct ptyfsmount *pmnt;
struct ptyfs_args *args = data;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/puffs/puffs_vfsops.c
diff -u src/sys/fs/puffs/puffs_vfsops.c:1.81.8.3 src/sys/fs/puffs/puffs_vfsops.c:1.81.8.4
--- src/sys/fs/puffs/puffs_vfsops.c:1.81.8.3 Wed Nov 2 20:11:12 2011
+++ src/sys/fs/puffs/puffs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: puffs_vfsops.c,v 1.81.8.3 2011/11/02 20:11:12 riz Exp $ */
+/* $NetBSD: puffs_vfsops.c,v 1.81.8.4 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 2005, 2006 Antti Kantee. All Rights Reserved.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: puffs_vfsops.c,v 1.81.8.3 2011/11/02 20:11:12 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: puffs_vfsops.c,v 1.81.8.4 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/mount.h>
@@ -92,6 +92,8 @@ puffs_vfsop_mount(struct mount *mp, cons
int error = 0, i;
pid_t mntpid = curlwp->l_proc->p_pid;
+ if (data == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
@@ -106,12 +108,6 @@ puffs_vfsop_mount(struct mount *mp, cons
if (mp->mnt_flag & MNT_UPDATE)
return EOPNOTSUPP;
- /*
- * We need the file system name
- */
- if (!data)
- return EINVAL;
-
error = fstrans_mount(mp);
if (error)
return error;
Index: src/sys/fs/smbfs/smbfs_vfsops.c
diff -u src/sys/fs/smbfs/smbfs_vfsops.c:1.85.4.1 src/sys/fs/smbfs/smbfs_vfsops.c:1.85.4.2
--- src/sys/fs/smbfs/smbfs_vfsops.c:1.85.4.1 Sat Oct 3 23:05:25 2009
+++ src/sys/fs/smbfs/smbfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: smbfs_vfsops.c,v 1.85.4.1 2009/10/03 23:05:25 snj Exp $ */
+/* $NetBSD: smbfs_vfsops.c,v 1.85.4.2 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 2000-2001, Boris Popov
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: smbfs_vfsops.c,v 1.85.4.1 2009/10/03 23:05:25 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: smbfs_vfsops.c,v 1.85.4.2 2014/04/25 15:43:50 sborrill Exp $");
#ifdef _KERNEL_OPT
#include "opt_quota.h"
@@ -167,6 +167,8 @@ smbfs_mount(struct mount *mp, const char
struct proc *p;
int error;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/sysvbfs/sysvbfs_vfsops.c
diff -u src/sys/fs/sysvbfs/sysvbfs_vfsops.c:1.26 src/sys/fs/sysvbfs/sysvbfs_vfsops.c:1.26.4.1
--- src/sys/fs/sysvbfs/sysvbfs_vfsops.c:1.26 Thu Sep 4 12:28:14 2008
+++ src/sys/fs/sysvbfs/sysvbfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: sysvbfs_vfsops.c,v 1.26 2008/09/04 12:28:14 pooka Exp $ */
+/* $NetBSD: sysvbfs_vfsops.c,v 1.26.4.1 2014/04/25 15:43:50 sborrill Exp $ */
/*-
* Copyright (c) 2004 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sysvbfs_vfsops.c,v 1.26 2008/09/04 12:28:14 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sysvbfs_vfsops.c,v 1.26.4.1 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -79,6 +79,8 @@ sysvbfs_mount(struct mount *mp, const ch
DPRINTF("%s: mnt_flag=%x\n", __func__, mp->mnt_flag);
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/tmpfs/tmpfs_vfsops.c
diff -u src/sys/fs/tmpfs/tmpfs_vfsops.c:1.44 src/sys/fs/tmpfs/tmpfs_vfsops.c:1.44.4.1
--- src/sys/fs/tmpfs/tmpfs_vfsops.c:1.44 Tue Jul 29 09:10:09 2008
+++ src/sys/fs/tmpfs/tmpfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: tmpfs_vfsops.c,v 1.44 2008/07/29 09:10:09 pooka Exp $ */
+/* $NetBSD: tmpfs_vfsops.c,v 1.44.4.1 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 2005, 2006, 2007 The NetBSD Foundation, Inc.
@@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tmpfs_vfsops.c,v 1.44 2008/07/29 09:10:09 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tmpfs_vfsops.c,v 1.44.4.1 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -89,6 +89,8 @@ tmpfs_mount(struct mount *mp, const char
struct tmpfs_node *root;
struct tmpfs_args *args = data;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/udf/udf_vfsops.c
diff -u src/sys/fs/udf/udf_vfsops.c:1.52.2.3 src/sys/fs/udf/udf_vfsops.c:1.52.2.4
--- src/sys/fs/udf/udf_vfsops.c:1.52.2.3 Thu Jul 9 19:44:34 2009
+++ src/sys/fs/udf/udf_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: udf_vfsops.c,v 1.52.2.3 2009/07/09 19:44:34 snj Exp $ */
+/* $NetBSD: udf_vfsops.c,v 1.52.2.4 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 2006, 2008 Reinoud Zandijk
@@ -28,7 +28,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__KERNEL_RCSID(0, "$NetBSD: udf_vfsops.c,v 1.52.2.3 2009/07/09 19:44:34 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udf_vfsops.c,v 1.52.2.4 2014/04/25 15:43:50 sborrill Exp $");
#endif /* not lint */
@@ -324,6 +324,8 @@ udf_mount(struct mount *mp, const char *
DPRINTF(CALL, ("udf_mount called\n"));
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/union/union_vfsops.c
diff -u src/sys/fs/union/union_vfsops.c:1.57.6.2 src/sys/fs/union/union_vfsops.c:1.57.6.3
--- src/sys/fs/union/union_vfsops.c:1.57.6.2 Sat Sep 17 18:54:38 2011
+++ src/sys/fs/union/union_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: union_vfsops.c,v 1.57.6.2 2011/09/17 18:54:38 bouyer Exp $ */
+/* $NetBSD: union_vfsops.c,v 1.57.6.3 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 1994 The Regents of the University of California.
@@ -77,7 +77,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: union_vfsops.c,v 1.57.6.2 2011/09/17 18:54:38 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: union_vfsops.c,v 1.57.6.3 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -123,6 +123,8 @@ union_mount(struct mount *mp, const char
int len;
size_t size;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/fs/unionfs/unionfs_vfsops.c
diff -u src/sys/fs/unionfs/unionfs_vfsops.c:1.5 src/sys/fs/unionfs/unionfs_vfsops.c:1.5.6.1
--- src/sys/fs/unionfs/unionfs_vfsops.c:1.5 Sat Jun 28 01:34:05 2008
+++ src/sys/fs/unionfs/unionfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -88,6 +88,8 @@ unionfs_mount(struct mount *mp, const ch
const char *cp;
char *xp;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/kern/vfs_syscalls.c
diff -u src/sys/kern/vfs_syscalls.c:1.376.4.7 src/sys/kern/vfs_syscalls.c:1.376.4.8
--- src/sys/kern/vfs_syscalls.c:1.376.4.7 Sat Sep 17 18:47:46 2011
+++ src/sys/kern/vfs_syscalls.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_syscalls.c,v 1.376.4.7 2011/09/17 18:47:46 bouyer Exp $ */
+/* $NetBSD: vfs_syscalls.c,v 1.376.4.8 2014/04/25 15:43:50 sborrill Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -63,7 +63,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.376.4.7 2011/09/17 18:47:46 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.376.4.8 2014/04/25 15:43:50 sborrill Exp $");
#include "opt_compat_netbsd.h"
#include "opt_compat_43.h"
@@ -519,15 +519,15 @@ do_sys_mount(struct lwp *l, struct vfsop
recurse = vn_setrecurse(vp);
}
+ /*
+ * We allow data to be NULL, even for userspace. Some fs's don't need
+ * it. The others will handle NULL.
+ */
if (data != NULL && data_seg == UIO_USERSPACE) {
if (data_len == 0) {
/* No length supplied, use default for filesystem */
data_len = vfsops->vfs_min_mount_data;
- if (data_len > VFS_MAX_MOUNT_DATA) {
- /* maybe a force loaded old LKM */
- error = EINVAL;
- goto done;
- }
+
#ifdef COMPAT_30
/* Hopefully a longer buffer won't make copyin() fail */
if (flags & MNT_UPDATE
@@ -535,6 +535,11 @@ do_sys_mount(struct lwp *l, struct vfsop
data_len = sizeof (struct mnt_export_args30);
#endif
}
+ if ((data_len == 0) || (data_len > VFS_MAX_MOUNT_DATA)) {
+ error = EINVAL;
+ goto done;
+ }
+
data_buf = malloc(data_len, M_TEMP, M_WAITOK);
/* NFS needs the buffer even for mnt_getargs .... */
Index: src/sys/miscfs/nullfs/null_vfsops.c
diff -u src/sys/miscfs/nullfs/null_vfsops.c:1.77 src/sys/miscfs/nullfs/null_vfsops.c:1.77.6.1
--- src/sys/miscfs/nullfs/null_vfsops.c:1.77 Tue Jun 24 11:25:05 2008
+++ src/sys/miscfs/nullfs/null_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: null_vfsops.c,v 1.77 2008/06/24 11:25:05 ad Exp $ */
+/* $NetBSD: null_vfsops.c,v 1.77.6.1 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 1999 National Aeronautics & Space Administration
@@ -74,7 +74,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: null_vfsops.c,v 1.77 2008/06/24 11:25:05 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: null_vfsops.c,v 1.77.6.1 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -118,6 +118,8 @@ nullfs_mount(mp, path, data, data_len)
printf("nullfs_mount(mp = %p)\n", mp);
#endif
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/miscfs/overlay/overlay_vfsops.c
diff -u src/sys/miscfs/overlay/overlay_vfsops.c:1.53 src/sys/miscfs/overlay/overlay_vfsops.c:1.53.6.1
--- src/sys/miscfs/overlay/overlay_vfsops.c:1.53 Sat Jun 28 01:34:06 2008
+++ src/sys/miscfs/overlay/overlay_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: overlay_vfsops.c,v 1.53 2008/06/28 01:34:06 rumble Exp $ */
+/* $NetBSD: overlay_vfsops.c,v 1.53.6.1 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 1999, 2000 National Aeronautics & Space Administration
@@ -74,7 +74,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: overlay_vfsops.c,v 1.53 2008/06/28 01:34:06 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: overlay_vfsops.c,v 1.53.6.1 2014/04/25 15:43:50 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -114,6 +114,8 @@ ov_mount(struct mount *mp, const char *p
printf("ov_mount(mp = %p)\n", mp);
#endif
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/miscfs/procfs/procfs_vfsops.c
diff -u src/sys/miscfs/procfs/procfs_vfsops.c:1.81 src/sys/miscfs/procfs/procfs_vfsops.c:1.81.6.1
--- src/sys/miscfs/procfs/procfs_vfsops.c:1.81 Sat Jun 28 01:34:06 2008
+++ src/sys/miscfs/procfs/procfs_vfsops.c Fri Apr 25 15:43:50 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: procfs_vfsops.c,v 1.81 2008/06/28 01:34:06 rumble Exp $ */
+/* $NetBSD: procfs_vfsops.c,v 1.81.6.1 2014/04/25 15:43:50 sborrill Exp $ */
/*
* Copyright (c) 1993
@@ -76,7 +76,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: procfs_vfsops.c,v 1.81 2008/06/28 01:34:06 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: procfs_vfsops.c,v 1.81.6.1 2014/04/25 15:43:50 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -128,6 +128,9 @@ procfs_mount(
struct procfs_args *args = data;
int error;
+ if (args == NULL)
+ return EINVAL;
+
if (UIO_MX & (UIO_MX-1)) {
log(LOG_ERR, "procfs: invalid directory entry size");
return (EINVAL);
Index: src/sys/miscfs/umapfs/umap_vfsops.c
diff -u src/sys/miscfs/umapfs/umap_vfsops.c:1.80 src/sys/miscfs/umapfs/umap_vfsops.c:1.80.6.1
--- src/sys/miscfs/umapfs/umap_vfsops.c:1.80 Sat Jun 28 01:34:06 2008
+++ src/sys/miscfs/umapfs/umap_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: umap_vfsops.c,v 1.80 2008/06/28 01:34:06 rumble Exp $ */
+/* $NetBSD: umap_vfsops.c,v 1.80.6.1 2014/04/25 15:43:51 sborrill Exp $ */
/*
* Copyright (c) 1992, 1993
@@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: umap_vfsops.c,v 1.80 2008/06/28 01:34:06 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: umap_vfsops.c,v 1.80.6.1 2014/04/25 15:43:51 sborrill Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -84,6 +84,8 @@ umapfs_mount(mp, path, data, data_len)
int i;
#endif
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/nfs/nfs_vfsops.c
diff -u src/sys/nfs/nfs_vfsops.c:1.203 src/sys/nfs/nfs_vfsops.c:1.203.4.1
--- src/sys/nfs/nfs_vfsops.c:1.203 Wed Oct 22 12:29:35 2008
+++ src/sys/nfs/nfs_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_vfsops.c,v 1.203 2008/10/22 12:29:35 matt Exp $ */
+/* $NetBSD: nfs_vfsops.c,v 1.203.4.1 2014/04/25 15:43:51 sborrill Exp $ */
/*
* Copyright (c) 1989, 1993, 1995
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nfs_vfsops.c,v 1.203 2008/10/22 12:29:35 matt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_vfsops.c,v 1.203.4.1 2014/04/25 15:43:51 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -600,6 +600,8 @@ nfs_mount(struct mount *mp, const char *
size_t len;
u_char *nfh;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/ufs/ext2fs/ext2fs_vfsops.c
diff -u src/sys/ufs/ext2fs/ext2fs_vfsops.c:1.137.6.6 src/sys/ufs/ext2fs/ext2fs_vfsops.c:1.137.6.7
--- src/sys/ufs/ext2fs/ext2fs_vfsops.c:1.137.6.6 Sun Jan 16 12:38:28 2011
+++ src/sys/ufs/ext2fs/ext2fs_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: ext2fs_vfsops.c,v 1.137.6.6 2011/01/16 12:38:28 bouyer Exp $ */
+/* $NetBSD: ext2fs_vfsops.c,v 1.137.6.7 2014/04/25 15:43:51 sborrill Exp $ */
/*
* Copyright (c) 1989, 1991, 1993, 1994
@@ -65,7 +65,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ext2fs_vfsops.c,v 1.137.6.6 2011/01/16 12:38:28 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ext2fs_vfsops.c,v 1.137.6.7 2014/04/25 15:43:51 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -322,6 +322,8 @@ ext2fs_mount(struct mount *mp, const cha
int error = 0, flags, update;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/ufs/ffs/ffs_vfsops.c
diff -u src/sys/ufs/ffs/ffs_vfsops.c:1.239.2.4 src/sys/ufs/ffs/ffs_vfsops.c:1.239.2.5
--- src/sys/ufs/ffs/ffs_vfsops.c:1.239.2.4 Sat Oct 3 22:49:43 2009
+++ src/sys/ufs/ffs/ffs_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: ffs_vfsops.c,v 1.239.2.4 2009/10/03 22:49:43 snj Exp $ */
+/* $NetBSD: ffs_vfsops.c,v 1.239.2.5 2014/04/25 15:43:51 sborrill Exp $ */
/*-
* Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.239.2.4 2009/10/03 22:49:43 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.239.2.5 2014/04/25 15:43:51 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ffs.h"
@@ -318,6 +318,8 @@ ffs_mount(struct mount *mp, const char *
int error = 0, flags, update;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/ufs/lfs/lfs_vfsops.c
diff -u src/sys/ufs/lfs/lfs_vfsops.c:1.267.6.1 src/sys/ufs/lfs/lfs_vfsops.c:1.267.6.2
--- src/sys/ufs/lfs/lfs_vfsops.c:1.267.6.1 Sat Apr 4 18:11:17 2009
+++ src/sys/ufs/lfs/lfs_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: lfs_vfsops.c,v 1.267.6.1 2009/04/04 18:11:17 snj Exp $ */
+/* $NetBSD: lfs_vfsops.c,v 1.267.6.2 2014/04/25 15:43:51 sborrill Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2002, 2003, 2007, 2007
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: lfs_vfsops.c,v 1.267.6.1 2009/04/04 18:11:17 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: lfs_vfsops.c,v 1.267.6.2 2014/04/25 15:43:51 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_lfs.h"
@@ -560,6 +560,8 @@ lfs_mount(struct mount *mp, const char *
int error = 0, update;
mode_t accessmode;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
Index: src/sys/ufs/mfs/mfs_vfsops.c
diff -u src/sys/ufs/mfs/mfs_vfsops.c:1.98 src/sys/ufs/mfs/mfs_vfsops.c:1.98.6.1
--- src/sys/ufs/mfs/mfs_vfsops.c:1.98 Sat Jun 28 01:34:05 2008
+++ src/sys/ufs/mfs/mfs_vfsops.c Fri Apr 25 15:43:51 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: mfs_vfsops.c,v 1.98 2008/06/28 01:34:05 rumble Exp $ */
+/* $NetBSD: mfs_vfsops.c,v 1.98.6.1 2014/04/25 15:43:51 sborrill Exp $ */
/*
* Copyright (c) 1989, 1990, 1993, 1994
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: mfs_vfsops.c,v 1.98 2008/06/28 01:34:05 rumble Exp $");
+__KERNEL_RCSID(0, "$NetBSD: mfs_vfsops.c,v 1.98.6.1 2014/04/25 15:43:51 sborrill Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -279,6 +279,8 @@ mfs_mount(struct mount *mp, const char *
struct proc *p;
int flags, error = 0;
+ if (args == NULL)
+ return EINVAL;
if (*data_len < sizeof *args)
return EINVAL;
