Return early on 0-sized transfers (usually to/from NULL-objects)
This logic is already present in subr_copy.c:copyin_vmspace() and rumpcopy.c:copyinstr(). It avoids memcpy() calls on NULL objects, which are Undefined Behavior; that is allowed in kernel space (-fno-delete-null-pointer-checks), but not in userland. Reported by UBSan.
parent
b6924e8af2
commit
17a313ddde
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: rumpcopy.c,v 1.23 2019/04/06 03:06:28 thorpej Exp $ */
|
||||
/* $NetBSD: rumpcopy.c,v 1.24 2020/04/05 15:16:11 kamil Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2009 Antti Kantee. All Rights Reserved.
|
||||
|
@ -26,7 +26,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.23 2019/04/06 03:06:28 thorpej Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.24 2020/04/05 15:16:11 kamil Exp $");
|
||||
|
||||
#define __UFETCHSTORE_PRIVATE
|
||||
#define __UCAS_PRIVATE
|
||||
|
@ -45,6 +45,9 @@ copyin(const void *uaddr, void *kaddr, size_t len)
|
|||
{
|
||||
int error = 0;
|
||||
|
||||
if (len == 0)
|
||||
return 0;
|
||||
|
||||
if (__predict_false(uaddr == NULL && len)) {
|
||||
return EFAULT;
|
||||
}
|
||||
|
@ -64,6 +67,9 @@ copyout(const void *kaddr, void *uaddr, size_t len)
|
|||
{
|
||||
int error = 0;
|
||||
|
||||
if (len == 0)
|
||||
return 0;
|
||||
|
||||
if (__predict_false(uaddr == NULL && len)) {
|
||||
return EFAULT;
|
||||
}
|
||||
|
@ -137,6 +143,9 @@ copyoutstr(const void *kaddr, void *uaddr, size_t len, size_t *done)
|
|||
size_t slen;
|
||||
int error;
|
||||
|
||||
if (len == 0)
|
||||
return 0;
|
||||
|
||||
if (__predict_false(uaddr == NULL && len)) {
|
||||
return EFAULT;
|
||||
}
|
||||
|
@ -160,6 +169,9 @@ int
|
|||
kcopy(const void *src, void *dst, size_t len)
|
||||
{
|
||||
|
||||
if (len == 0)
|
||||
return 0;
|
||||
|
||||
memcpy(dst, src, len);
|
||||
return 0;
|
||||
}
|
||||
|
|
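Review bot: In the copyoutstr hunk, the new `if (len == 0) return 0;` reports success before any visible store to `*done`, so a caller that reads the copied length after a 0 return would see whatever its variable held before the call. Consider `if (len == 0) { if (done) *done = 0; return 0; }` there, and check whether copyinstr(), which the description says already has this early return, needs the same. The rest of copyoutstr lies outside the hunk, so confirm that no later code was relied on to set `*done`. Separately, with the early return in place the `&& len` in `uaddr == NULL && len` (copyin, copyout, copyoutstr) is always true and can be dropped.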