Re: [statfs12] CVS commit: src

To: Christos Zoulas <christos%zoulas.com@localhost>
Subject: Re: [statfs12] CVS commit: src
From: Maxime Villard <max%m00nbsd.net@localhost>
Date: Fri, 3 Jul 2020 08:26:18 +0200

Le 27/06/2020 à 17:50, Christos Zoulas a écrit :


Please revert all of this change.

First, there was a clear vulnerability in this change, which I fixed in:

	https://mail-index.netbsd.org/source-changes/2020/06/27/msg118731.html

Then, as I said in the change, there are additional problems:

137 static __inline int
138 statvfs_to_statfs12_copy(const void *vs, void *vs12, size_t l)
139 {
140 	struct statfs12 *s12 = STATVFSBUF_GET();
141 	int error;
142
143 	statvfs_to_statfs12(vs, s12);
144 	error = copyout(s12, vs12, l);
145 	STATVFSBUF_PUT(s12);
146
147 	return error;
148 }

STATVFSBUF_GET() allocates struct statvfs, but here we're using struct
statfs12. How can this be expected to be correct?


It is larger than needed, so it works.


Why insist on using the wrong structure, when you could just as easily use
the correct structure? I don't get the point.

Maxime

Follow-Ups:
- Re: [statfs12] CVS commit: src
  - From: Christos Zoulas

References:
- [statfs12] Re: CVS commit: src
  - From: Maxime Villard
- Re: [statfs12] CVS commit: src
  - From: Christos Zoulas

Prev by Date: Re: CVS commit: src/external/bsd/kyua-cli
Next by Date: Re: CVS commit: src/usr.bin/make
Previous by Thread: Re: [statfs12] CVS commit: src
Next by Thread: Re: [statfs12] CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index