CVS commit: src/sys/compat

Sat, 21 Jun 2014 03:23:25 -0700 

Module Name:    src
Committed By:   maxv
Date:           Sat Jun 21 10:23:07 UTC 2014

Modified Files:
        src/sys/compat/linux/common: linux_socketcall.c
        src/sys/compat/linux32/common: linux32_socketcall.c

Log Message:
If SCARG(uap, what) = 0, copyin() will copy (size_t)-1 bytes, and it's not
a good idea; but not proven harmful.

With the help of njoly@


To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 src/sys/compat/linux/common/linux_socketcall.c
cvs rdiff -u -r1.8 -r1.9 src/sys/compat/linux32/common/linux32_socketcall.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/compat/linux/common/linux_socketcall.c
diff -u src/sys/compat/linux/common/linux_socketcall.c:1.43 src/sys/compat/linux/common/linux_socketcall.c:1.44
--- src/sys/compat/linux/common/linux_socketcall.c:1.43	Fri Dec 27 15:10:53 2013
+++ src/sys/compat/linux/common/linux_socketcall.c	Sat Jun 21 10:23:07 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux_socketcall.c,v 1.43 2013/12/27 15:10:53 njoly Exp $	*/
+/*	$NetBSD: linux_socketcall.c,v 1.44 2014/06/21 10:23:07 maxv Exp $	*/
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socketcall.c,v 1.43 2013/12/27 15:10:53 njoly Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socketcall.c,v 1.44 2014/06/21 10:23:07 maxv Exp $");
 
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -125,7 +125,7 @@ linux_sys_socketcall(struct lwp *l, cons
 	struct linux_socketcall_dummy_args lda;
 	int error;
 
-	if (SCARG(uap, what) < 0 || SCARG(uap, what) > LINUX_MAX_SOCKETCALL)
+	if (SCARG(uap, what) <= 0 || SCARG(uap, what) > LINUX_MAX_SOCKETCALL)
 		return ENOSYS;
 
 	if ((error = copyin(SCARG(uap, args), &lda,

Index: src/sys/compat/linux32/common/linux32_socketcall.c
diff -u src/sys/compat/linux32/common/linux32_socketcall.c:1.8 src/sys/compat/linux32/common/linux32_socketcall.c:1.9
--- src/sys/compat/linux32/common/linux32_socketcall.c:1.8	Thu May 10 19:38:23 2012
+++ src/sys/compat/linux32/common/linux32_socketcall.c	Sat Jun 21 10:23:07 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux32_socketcall.c,v 1.8 2012/05/10 19:38:23 christos Exp $ */
+/*	$NetBSD: linux32_socketcall.c,v 1.9 2014/06/21 10:23:07 maxv Exp $ */
 
 /*-
  * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@@ -31,7 +31,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux32_socketcall.c,v 1.8 2012/05/10 19:38:23 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux32_socketcall.c,v 1.9 2014/06/21 10:23:07 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -96,7 +96,7 @@ linux32_sys_socketcall(struct lwp *l, co
 	union linux32_socketcall_args ua;
 	int error;
 
-	if (SCARG(uap, what) < 0 || SCARG(uap, what) > LINUX32_MAX_SOCKETCALL)
+	if (SCARG(uap, what) <= 0 || SCARG(uap, what) > LINUX32_MAX_SOCKETCALL)
 		return ENOSYS;
 
 	if ((error = copyin(SCARG_P32(uap, args), &ua,

Reply via email to