[src/trunk]: src/sys Fix a potential - but very unlikely - NULL pointer deref...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys Fix a potential - but very unlikely - NULL pointer deref...
From: maxv <maxv%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 02:14:00 +0000

details:   https://anonhg.NetBSD.org/src/rev/fc6da29c2bbe
branches:  trunk
changeset: 794692:fc6da29c2bbe
user:      maxv <maxv%NetBSD.org@localhost>
date:      Sat Mar 22 08:15:25 2014 +0000

description:
Fix a potential - but very unlikely - NULL pointer dereference.
(it does not introduce a new error code for open(), since
 pathbuf_copyin() is already there and can return ENOMEM)

Found by my code scanner.

diffstat:

 sys/compat/netbsd32/netbsd32_netbsd.c |   9 ++++++---
 sys/kern/vfs_syscalls.c               |  10 ++++++----
 2 files changed, 12 insertions(+), 7 deletions(-)

diffs (63 lines):

diff -r f93896bf60fa -r fc6da29c2bbe sys/compat/netbsd32/netbsd32_netbsd.c
--- a/sys/compat/netbsd32/netbsd32_netbsd.c     Sat Mar 22 07:49:06 2014 +0000
+++ b/sys/compat/netbsd32/netbsd32_netbsd.c     Sat Mar 22 08:15:25 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: netbsd32_netbsd.c,v 1.184 2014/02/03 13:20:20 manu Exp $       */
+/*     $NetBSD: netbsd32_netbsd.c,v 1.185 2014/03/22 08:15:25 maxv Exp $       */
 
 /*
  * Copyright (c) 1998, 2001, 2008 Matthew R. Green
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.184 2014/02/03 13:20:20 manu Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.185 2014/03/22 08:15:25 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_ddb.h"
@@ -241,8 +241,11 @@
                error = pathbuf_copyin(SCARG(&ua, path), &pb);
                if (error) 
                        return error; 
-       } else
+       } else {
                pb = pathbuf_create(".");
+               if (pb == NULL)
+                       return ENOMEM;
+       }
                 
         error = do_open(l, NULL, pb, SCARG(&ua, flags), SCARG(&ua, mode), &fd);
         pathbuf_destroy(pb);
diff -r f93896bf60fa -r fc6da29c2bbe sys/kern/vfs_syscalls.c
--- a/sys/kern/vfs_syscalls.c   Sat Mar 22 07:49:06 2014 +0000
+++ b/sys/kern/vfs_syscalls.c   Sat Mar 22 08:15:25 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: vfs_syscalls.c,v 1.476 2014/02/15 22:32:16 njoly Exp $ */
+/*     $NetBSD: vfs_syscalls.c,v 1.477 2014/03/22 08:15:25 maxv Exp $  */
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.476 2014/02/15 22:32:16 njoly Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.477 2014/03/22 08:15:25 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_fileassoc.h"
@@ -1624,9 +1624,11 @@
        int error;
 
 #ifdef COMPAT_10       /* XXX: and perhaps later */
-       if (path == NULL)
+       if (path == NULL) {
                pb = pathbuf_create(".");
-       else
+               if (pb == NULL)
+                       return ENOMEM;
+       } else
 #endif
        {
                error = pathbuf_copyin(path, &pb);

Prev by Date: [src/trunk]: src/sys/kern Small changes:
Next by Date: [src/trunk]: src/sys/arch/arm/imx Add SPI driver.
Previous by Thread: [src/trunk]: src/sys/kern Small changes:
Next by Thread: [src/trunk]: src/sys/arch/arm/imx Add SPI driver.
Indexes:

Home | Main Index | Thread Index | Old Index