[src/trunk]: src/sys/compat/freebsd Range checks are not optional. The omissi...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/22899984c6bb
branches:  trunk
changeset: 584309:22899984c6bb
user:      christos <christos%NetBSD.org@localhost>
date:      Mon Sep 12 22:17:49 2005 +0000

description:
Range checks are not optional. The omission of this one, allows the user
to corrupt the heap and/or crash the kernel (Christer Oeberg).

diffstat:

 sys/compat/freebsd/freebsd_misc.c |  16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diffs (38 lines):

diff -r a663b936bb75 -r 22899984c6bb sys/compat/freebsd/freebsd_misc.c
--- a/sys/compat/freebsd/freebsd_misc.c Mon Sep 12 22:16:56 2005 +0000
+++ b/sys/compat/freebsd/freebsd_misc.c Mon Sep 12 22:17:49 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: freebsd_misc.c,v 1.21 2005/02/26 23:10:18 perry Exp $  */
+/*     $NetBSD: freebsd_misc.c,v 1.22 2005/09/12 22:17:49 christos Exp $       */
 
 /*
  * Copyright (c) 1995 Frank van der Linden
@@ -36,7 +36,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: freebsd_misc.c,v 1.21 2005/02/26 23:10:18 perry Exp $");
+__KERNEL_RCSID(0, "$NetBSD: freebsd_misc.c,v 1.22 2005/09/12 22:17:49 christos Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_ntp.h"
@@ -232,11 +232,15 @@
        struct proc *p = l->l_proc;
 
        if (KTRPOINT(p, KTR_USER))
-               ktruser(p, "FreeBSD utrace", SCARG(uap, addr), SCARG(uap, len),
-                       0);
+               return 0;
+
+       if (SCARG(uap, len) > KTR_USER_MAXLEN)
+               return EINVAL;
 
-       return (0);
+       ktruser(p, "FreeBSD utrace", SCARG(uap, addr), SCARG(uap, len), 0);
+
+       return 0;
 #else
-       return (ENOSYS);
+       return ENOSYS;
 #endif
 }