Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/dev avoid variable array stack allocation by enforcing a...
details: https://anonhg.NetBSD.org/src/rev/87408a9ea8c7
branches: trunk
changeset: 748922:87408a9ea8c7
user: christos <christos%NetBSD.org@localhost>
date: Tue Nov 10 20:05:50 2009 +0000
description:
avoid variable array stack allocation by enforcing and allocating always the
maximum.
diffstat:
sys/dev/cgd.c | 28 ++++++++++++++++++----------
sys/dev/cgdvar.h | 5 ++++-
2 files changed, 22 insertions(+), 11 deletions(-)
diffs (107 lines):
diff -r 7b93cb50b341 -r 87408a9ea8c7 sys/dev/cgd.c
--- a/sys/dev/cgd.c Tue Nov 10 18:19:46 2009 +0000
+++ b/sys/dev/cgd.c Tue Nov 10 20:05:50 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgd.c,v 1.61 2009/11/10 16:49:53 tron Exp $ */
+/* $NetBSD: cgd.c,v 1.62 2009/11/10 20:05:50 christos Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cgd.c,v 1.61 2009/11/10 16:49:53 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cgd.c,v 1.62 2009/11/10 20:05:50 christos Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -48,6 +48,7 @@
#include <sys/fcntl.h>
#include <sys/vnode.h>
#include <sys/conf.h>
+#include <sys/syslog.h>
#include <dev/dkvar.h>
#include <dev/cgdvar.h>
@@ -183,15 +184,16 @@
return;
}
- cgd_softc = (void *)malloc(num * sizeof(*cgd_softc), M_DEVBUF, M_NOWAIT);
+ cgd_softc = malloc(num * sizeof(*cgd_softc), M_DEVBUF, M_NOWAIT);
if (!cgd_softc) {
- printf("WARNING: unable to malloc(9) memory for crypt disks\n");
+ DPRINTF_FOLLOW(("WARNING: unable to malloc(9) memory for %d "
+ "crypt disks\n", num));
DIAGPANIC(("cgdattach: cannot malloc(9) enough memory"));
return;
}
numcgd = num;
- for (i=0; i<num; i++)
+ for (i = 0; i < num; i++)
cgdsoftc_init(&cgd_softc[i], i);
}
@@ -362,7 +364,8 @@
nbp->b_bcount));
if (nbp->b_error != 0) {
obp->b_error = nbp->b_error;
- printf("%s: error %d\n", dksc->sc_xname, obp->b_error);
+ DPRINTF(CGDB_IO, ("%s: error %d\n", dksc->sc_xname,
+ obp->b_error));
}
/* Perform the decryption if we are reading.
@@ -572,6 +575,12 @@
cs->sc_cdata.cf_mode = encblkno[i].v;
cs->sc_cdata.cf_priv = cs->sc_cfuncs->cf_init(ci->ci_keylen, inbuf,
&cs->sc_cdata.cf_blocksize);
+ if (cs->sc_cdata.cf_blocksize > CGD_MAXBLOCKSIZE) {
+ log(LOG_WARNING, "cgd: Disallowed cipher with blocksize %zu > %u\n",
+ cs->sc_data.cf_blocksize, CGD_MAXBLOCKSIZE);
+ cs->sc_cdata.cf_priv = NULL;
+ }
+
/*
* The blocksize is supposed to be in bytes. Unfortunately originally
* it was expressed in bits. For compatibility we maintain encblkno
@@ -580,7 +589,6 @@
cs->sc_cdata.cf_blocksize /= encblkno[i].d;
(void)memset(inbuf, 0, MAX_KEYSIZE);
if (!cs->sc_cdata.cf_priv) {
- printf("cgd: unable to initialize cipher\n");
ret = EINVAL; /* XXX is this the right error? */
goto bail;
}
@@ -775,9 +783,9 @@
struct iovec dstiov[2];
struct iovec srciov[2];
size_t blocksize = cs->sc_cdata.cf_blocksize;
- char sink[blocksize];
- char zero_iv[blocksize];
- char blkno_buf[blocksize];
+ char sink[CGD_MAXBLOCKSIZE];
+ char zero_iv[CGD_MAXBLOCKSIZE];
+ char blkno_buf[CGD_MAXBLOCKSIZE];
DPRINTF_FOLLOW(("cgd_cipher() dir=%d\n", dir));
diff -r 7b93cb50b341 -r 87408a9ea8c7 sys/dev/cgdvar.h
--- a/sys/dev/cgdvar.h Tue Nov 10 18:19:46 2009 +0000
+++ b/sys/dev/cgdvar.h Tue Nov 10 20:05:50 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgdvar.h,v 1.12 2008/09/12 16:51:55 christos Exp $ */
+/* $NetBSD: cgdvar.h,v 1.13 2009/11/10 20:05:50 christos Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -87,4 +87,7 @@
#define CGDIOCSET _IOWR('F', 18, struct cgd_ioctl)
#define CGDIOCCLR _IOW('F', 19, struct cgd_ioctl)
+/* Maximum block sized to be used by the ciphers */
+#define CGD_MAXBLOCKSIZE 128
+
#endif /* _DEV_CGDVAR_H_ */
Home |
Main Index |
Thread Index |
Old Index