Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-4]: src/sys/compat/svr4 Pull up revision 1.40 (requested by sim...
details: https://anonhg.NetBSD.org/src/rev/f1efcd950dbf
branches: netbsd-1-4
changeset: 470891:f1efcd950dbf
user: he <he%NetBSD.org@localhost>
date: Sat Sep 09 15:55:18 2000 +0000
description:
Pull up revision 1.40 (requested by simonb):
More carefully check length of user-supplied data, in particular
make sure we don't overrun the available stack gap in stack gap
allocations.
diffstat:
sys/compat/svr4/svr4_stat.c | 29 +++++++++++++----------------
1 files changed, 13 insertions(+), 16 deletions(-)
diffs (106 lines):
diff -r 60eecf1e23ec -r f1efcd950dbf sys/compat/svr4/svr4_stat.c
--- a/sys/compat/svr4/svr4_stat.c Sat Sep 09 15:54:59 2000 +0000
+++ b/sys/compat/svr4/svr4_stat.c Sat Sep 09 15:55:18 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: svr4_stat.c,v 1.33 1999/03/23 14:57:00 kleink Exp $ */
+/* $NetBSD: svr4_stat.c,v 1.33.2.1 2000/09/09 15:55:18 he Exp $ */
/*-
* Copyright (c) 1994 The NetBSD Foundation, Inc.
@@ -179,11 +179,9 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
-
if ((error = sys___stat13(p, &cup, retval)) != 0)
return error;
@@ -225,10 +223,9 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
if ((error = sys___lstat13(p, &cup, retval)) != 0)
return error;
@@ -303,10 +300,10 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
if ((error = sys___stat13(p, &cup, retval)) != 0)
return error;
@@ -339,10 +336,10 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
if ((error = sys___lstat13(p, &cup, retval)) != 0)
return error;
@@ -407,10 +404,10 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
if ((error = sys___stat13(p, &cup, retval)) != 0)
return error;
@@ -443,10 +440,10 @@
int error;
caddr_t sg = stackgap_init(p->p_emul);
+
+ SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
-
SCARG(&cup, path) = SCARG(uap, path);
- SCARG(&cup, ub) = stackgap_alloc(&sg, sizeof(struct stat));
if ((error = sys___lstat13(p, &cup, retval)) != 0)
return error;
@@ -725,9 +722,10 @@
struct timeval tbuf[2];
struct sys_utimes_args ap;
int error;
+ void *ttp;
caddr_t sg = stackgap_init(p->p_emul);
- void *ttp;
+ ttp = stackgap_alloc(&sg, sizeof(tbuf));
SVR4_CHECK_ALT_EXIST(p, &sg, SCARG(uap, path));
SCARG(&ap, path) = SCARG(uap, path);
if (SCARG(uap, ubuf) != NULL) {
@@ -737,7 +735,6 @@
tbuf[0].tv_usec = 0;
tbuf[1].tv_sec = ub.modtime;
tbuf[1].tv_usec = 0;
- ttp = stackgap_alloc(&sg, sizeof(tbuf));
error = copyout(tbuf, ttp, sizeof(tbuf));
if (error)
return error;
Home |
Main Index |
Thread Index |
Old Index