Fix cases where count <= 0 (thanks to Maxime Villard for raising this)

2014-05-15 18:25:35 +00:00 · 2014-05-15 18:25:35 +00:00 · a0b6b9a1c4
commit a0b6b9a1c4
parent c18901f2e3
1 changed files with 8 additions and 7 deletions
--- a/sys/compat/netbsd32/netbsd32_netbsd.c
+++ b/sys/compat/netbsd32/netbsd32_netbsd.c
@ -1,4 +1,4 @@
-/*	$NetBSD: netbsd32_netbsd.c,v 1.186 2014/04/30 17:23:45 njoly Exp $	*/
+/*	$NetBSD: netbsd32_netbsd.c,v 1.187 2014/05/15 18:25:35 manu Exp $	*/

 /*
 * Copyright (c) 1998, 2001, 2008 Matthew R. Green
@ -27,7 +27,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.186 2014/04/30 17:23:45 njoly Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.187 2014/05/15 18:25:35 manu Exp $");

 #if defined(_KERNEL_OPT)
 #include "opt_ddb.h"
@ -1763,6 +1763,12 @@ netbsd32_swapctl_stats(struct lwp *l, struct sys_swapctl_args *uap, register_t *
 	int i, error = 0;
 	size_t ksep_len;

+	if (count < 0)
+		return EINVAL;
+
+	if (count == 0 || uvmexp.nswapdev == 0)
+		return 0;
+
 	/* Make sure userland cannot exhaust kernel memory */
 	if ((size_t)count > (size_t)uvmexp.nswapdev)
 		count = uvmexp.nswapdev;
@ -1774,9 +1780,6 @@ netbsd32_swapctl_stats(struct lwp *l, struct sys_swapctl_args *uap, register_t *
 	uvm_swap_stats(SWAP_STATS, ksep, count, retval);
 	count = *retval;

-	if (count < 1)
-		goto out;
-
 	for (i = 0; i < count; i++) {
 		se32.se_dev = ksep[i].se_dev;
 		se32.se_flags = ksep[i].se_flags;
@ -1791,8 +1794,6 @@ netbsd32_swapctl_stats(struct lwp *l, struct sys_swapctl_args *uap, register_t *
 			break;
 	}

-	
-out:
 	kmem_free(ksep, ksep_len);

 	return error;