[src/trunk]: src/sys/arch Check the passed in address as well as determining ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/arch Check the passed in address as well as determining ...
From: fvdl <fvdl%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 16:29:36 +0000

details:   https://anonhg.NetBSD.org/src/rev/751e0cc1eaa8
branches:  trunk
changeset: 574832:751e0cc1eaa8
user:      fvdl <fvdl%NetBSD.org@localhost>
date:      Mon Mar 14 21:50:59 2005 +0000

description:
Check the passed in address as well as determining the maximum length
using VM_MAXUSER_ADDRESS in copyinstr and copyoutstr.

Problem originally fixed in OpenBSD/i386.
This fix suggested by Charles Hannum (mycroft at netbsd dot org).

diffstat:

 sys/arch/amd64/amd64/copy.S |  4 +++-
 sys/arch/i386/i386/locore.S |  4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diffs (50 lines):

diff -r c03560dcddf1 -r 751e0cc1eaa8 sys/arch/amd64/amd64/copy.S
--- a/sys/arch/amd64/amd64/copy.S       Mon Mar 14 21:37:43 2005 +0000
+++ b/sys/arch/amd64/amd64/copy.S       Mon Mar 14 21:50:59 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: copy.S,v 1.1 2003/04/26 18:39:26 fvdl Exp $    */
+/*     $NetBSD: copy.S,v 1.2 2005/03/14 21:50:59 fvdl Exp $    */
 
 /*
  * Copyright (c) 2001 Wasabi Systems, Inc.
@@ -207,6 +207,7 @@
         */
        movq    $VM_MAXUSER_ADDRESS,%rax
        subq    %rdi,%rax
+       jc      _C_LABEL(copystr_efault)
        cmpq    %rdx,%rax
        jae     1f
        movq    %rax,%rdx
@@ -248,6 +249,7 @@
         */
        movq    $VM_MAXUSER_ADDRESS,%rax
        subq    %rsi,%rax
+       jc      _C_LABEL(copystr_efault)
        cmpq    %rdx,%rax
        jae     1f
        movq    %rax,%rdx
diff -r c03560dcddf1 -r 751e0cc1eaa8 sys/arch/i386/i386/locore.S
--- a/sys/arch/i386/i386/locore.S       Mon Mar 14 21:37:43 2005 +0000
+++ b/sys/arch/i386/i386/locore.S       Mon Mar 14 21:50:59 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: locore.S,v 1.32 2005/03/02 12:00:25 mycroft Exp $      */
+/*     $NetBSD: locore.S,v 1.33 2005/03/14 21:50:59 fvdl Exp $ */
 
 /*-
  * Copyright (c) 1998, 2000, 2004 The NetBSD Foundation, Inc.
@@ -1162,6 +1162,7 @@
         */
        movl    $VM_MAXUSER_ADDRESS,%eax
        subl    %edi,%eax
+       jc      _C_LABEL(copystr_efault)
        cmpl    %edx,%eax
        jae     1f
        movl    %eax,%edx
@@ -1216,6 +1217,7 @@
         */
        movl    $VM_MAXUSER_ADDRESS,%eax
        subl    %esi,%eax
+       jc      _C_LABEL(copystr_efault)
        cmpl    %edx,%eax
        jae     1f
        movl    %eax,%edx

Prev by Date: [src/netbsd-3]: src/sys/arch/i386/stand/boot Pull up revision 1.21 (requested...
Next by Date: [src/trunk]: src/sys/dev/pci Fix PR#24302. Clear PCI abort and parity errors...
Previous by Thread: [src/netbsd-3]: src/sys/arch/i386/stand/boot Pull up revision 1.21 (requested...
Next by Thread: [src/trunk]: src/sys/dev/pci Fix PR#24302. Clear PCI abort and parity errors...
Indexes:

Home | Main Index | Thread Index | Old Index