Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't walk off the end of the dirent buffer.

Browse Source 
From Ilja Van Sprundel.
This commit is contained in:
riastradh 2017-07-28 15:37:23 +00:00
parent 39f1e86852
commit 56272c962e
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/kern/vfs_getcwd.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_getcwd.c,v 1.51 2017/06/01 02:45:13 chs Exp $ */
/* $NetBSD: vfs_getcwd.c,v 1.52 2017/07/28 15:37:23 riastradh Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_getcwd.c,v 1.51 2017/06/01 02:45:13 chs Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_getcwd.c,v 1.52 2017/07/28 15:37:23 riastradh Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -211,7 +211,8 @@ unionread:
reclen = dp->d_reclen;
/* check for malformed directory.. */
if (reclen < _DIRENT_MINSIZE(dp)) {
if (reclen < _DIRENT_MINSIZE(dp) ||
reclen > len) {
error = EINVAL;
goto out;
}