[src/netbsd-10]: src/sys/kern Pull up following revision(s) (requested by ria...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/9b362e55e1e8
branches:  netbsd-10
changeset: 373692:9b362e55e1e8
user:      martin <martin%NetBSD.org@localhost>
date:      Fri Feb 24 14:12:51 2023 +0000

description:
Pull up following revision(s) (requested by riastradh in ticket #107):

        sys/kern/kern_ksyms.c: revision 1.108

ksyms(4): Reject negative offsets earlier in lseek.

Avoid arithmetic overflow.

diffstat:

 sys/kern/kern_ksyms.c |  13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diffs (45 lines):

diff -r fe3e2b02bb08 -r 9b362e55e1e8 sys/kern/kern_ksyms.c
--- a/sys/kern/kern_ksyms.c     Fri Feb 24 14:11:29 2023 +0000
+++ b/sys/kern/kern_ksyms.c     Fri Feb 24 14:12:51 2023 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_ksyms.c,v 1.107 2022/07/15 06:40:24 mrg Exp $     */
+/*     $NetBSD: kern_ksyms.c,v 1.107.4.1 2023/02/24 14:12:51 martin Exp $      */
 
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -73,7 +73,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.107 2022/07/15 06:40:24 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.107.4.1 2023/02/24 14:12:51 martin Exp $");
 
 #if defined(_KERNEL) && defined(_KERNEL_OPT)
 #include "opt_copy_symtab.h"
@@ -1417,6 +1417,7 @@
 static int
 ksymsseek(struct file *fp, off_t delta, int whence, off_t *newoffp, int flags)
 {
+       const off_t OFF_MAX = __type_max(off_t);
        struct ksyms_snapshot *ks = fp->f_data;
        off_t base, newoff;
        int error;
@@ -1438,13 +1439,15 @@
                goto out;
        }
 
-       /* Compute the new offset and validate it.  */
-       newoff = base + delta;  /* XXX arithmetic overflow */
-       if (newoff < 0) {
+       /* Check for arithmetic overflow and reject negative offsets.  */
+       if (base < 0 || delta > OFF_MAX - base || base + delta < 0) {
                error = EINVAL;
                goto out;
        }
 
+       /* Compute the new offset.  */
+       newoff = base + delta;
+
        /* Success!  */
        if (newoffp)
                *newoffp = newoff;