Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-6]: src/sys/kern Pull up following revision(s) (requested by maxv...
details: https://anonhg.NetBSD.org/src/rev/50c858747d2a
branches: netbsd-6
changeset: 776590:50c858747d2a
user: msaitoh <msaitoh%NetBSD.org@localhost>
date: Tue Mar 18 09:21:30 2014 +0000
description:
Pull up following revision(s) (requested by maxv in ticket #1034):
sys/kern/kern_verifiedexec.c: revision 1.132
Reorder code to avoid use-after-free on error. From Maxime Villard
diffstat:
sys/kern/kern_verifiedexec.c | 28 ++++++++++++++--------------
1 files changed, 14 insertions(+), 14 deletions(-)
diffs (56 lines):
diff -r 0fb5221eecf8 -r 50c858747d2a sys/kern/kern_verifiedexec.c
--- a/sys/kern/kern_verifiedexec.c Tue Mar 18 08:57:53 2014 +0000
+++ b/sys/kern/kern_verifiedexec.c Tue Mar 18 09:21:30 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_verifiedexec.c,v 1.128 2011/11/20 10:32:33 hannken Exp $ */
+/* $NetBSD: kern_verifiedexec.c,v 1.128.4.1 2014/03/18 09:21:30 msaitoh Exp $ */
/*-
* Copyright (c) 2005, 2006 Elad Efrat <elad%NetBSD.org@localhost>
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.128 2011/11/20 10:32:33 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.128.4.1 2014/03/18 09:21:30 msaitoh Exp $");
#include "opt_veriexec.h"
@@ -1281,18 +1281,6 @@
vfe->npages = 0;
vfe->last_page_size = 0;
- vte = veriexec_table_lookup(vp->v_mount);
- if (vte == NULL)
- vte = veriexec_table_add(l, vp->v_mount);
-
- /* XXX if we bail below this, we might want to gc newly created vtes. */
-
- error = fileassoc_add(vp, veriexec_hook, vfe);
- if (error)
- goto unlock_out;
-
- vte->vte_count++;
-
if (prop_bool_true(prop_dictionary_get(dict, "eval-on-load")) ||
(vfe->type & VERIEXEC_UNTRUSTED)) {
u_char *digest;
@@ -1314,6 +1302,18 @@
kmem_free(digest, vfe->ops->hash_len);
}
+ vte = veriexec_table_lookup(vp->v_mount);
+ if (vte == NULL)
+ vte = veriexec_table_add(l, vp->v_mount);
+
+ /* XXX if we bail below this, we might want to gc newly created vtes. */
+
+ error = fileassoc_add(vp, veriexec_hook, vfe);
+ if (error)
+ goto unlock_out;
+
+ vte->vte_count++;
+
veriexec_file_report(NULL, "New entry.", file, NULL, REPORT_DEBUG);
veriexec_bypass = 0;
Home |
Main Index |
Thread Index |
Old Index