Module Name:    src
Committed By:   maxv
Date:           Fri Sep 16 12:28:41 UTC 2016

Modified Files:
        src/sys/arch/i386/i386: copy.S

Log Message:
x86_copyargs takes as third argument a size, but still copies two chunks of
16 and 24 bytes, without checking the userland<->kernel limit accordingly.
Fix it by just checking the maximum size direcly.

It means that even if 16 bytes are copied, the kernel now makes sure 40
bytes are in userland. We could make it more fine-grained, but it would
probably unoptimize the function, and we don't care enough.

To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/sys/arch/i386/i386/copy.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Reply via email to