NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/46767: struct kauth_cred bypasses the C type system



>Number:         46767
>Category:       kern
>Synopsis:       struct kauth_cred bypasses the C type system
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Aug 03 00:55:00 +0000 2012
>Originator:     David A. Holland
>Release:        NetBSD 6.99.10 (20120802)
>Organization:
>Environment:
irrelevant

>Description:

struct kauth_cred, which is defined in sys/kern/kern_auth.c, is
ostensibly private to that file.

However, it's actually exposed via a cut and paste copy of the
structure, called struct kvm_kauth_cred, found in
lib/libkvm/kvm_proc.c.

Quite apart from the risk of nasal demons if the two copies of the
definition diverge, spoofing the type system like this is not
acceptable in a project like NetBSD where we care about code quality.

>How-To-Repeat:

code reading.
(actually reported by rmind)

>Fix:

Either the structure definition needs to be exported from the kernel
properly, and shared between the usage sites, or steps need to be
taken so the data type can really be private.

It is not entirely clear yet what this entails.



Home | Main Index | Thread Index | Old Index