Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pipe_read(): initialize ocnt before pipelock() call; it might have been 

used unitialized when the pipelock() call would fail
bug found by Krister Walfridsson
This commit is contained in:
jdolecek 2002-11-01 21:34:30 +00:00
parent 20e698bdc1
commit 6a40f5edcb
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/kern/sys_pipe.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sys_pipe.c,v 1.27 2002/10/23 09:14:22 jdolecek Exp $ */ /* $NetBSD: sys_pipe.c,v 1.28 2002/11/01 21:34:30 jdolecek Exp $ */
/* /*
* Copyright (c) 1996 John S. Dyson * Copyright (c) 1996 John S. Dyson
@ -58,7 +58,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.27 2002/10/23 09:14:22 jdolecek Exp $"); __KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.28 2002/11/01 21:34:30 jdolecek Exp $");
#include <sys/param.h> #include <sys/param.h>
#include <sys/systm.h> #include <sys/systm.h>
@ -612,12 +612,12 @@ pipe_read(fp, offset, uio, cred, flags)
PIPE_LOCK(rpipe); PIPE_LOCK(rpipe);
++rpipe->pipe_busy; ++rpipe->pipe_busy;
ocnt = rpipe->pipe_buffer.cnt;
error = pipelock(rpipe, 1); error = pipelock(rpipe, 1);
if (error) if (error)
goto unlocked_error; goto unlocked_error;
ocnt = rpipe->pipe_buffer.cnt;
while (uio->uio_resid) { while (uio->uio_resid) {
/* /*
* normal pipe buffer receive * normal pipe buffer receive