Limit the size of any kernel buffers allocated by the VOP_READDIR

routines to MAXBSIZE.
simonb 2006-05-27 23:46:49 +00:00
parent 4ea6eb36cb
commit e78022e1d6
2 changed files with 13 additions and 7 deletions


@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_compat_30.c,v 1.7 2006/05/14 21:24:50 elad Exp $ */
/* $NetBSD: netbsd32_compat_30.c,v 1.8 2006/05/27 23:46:49 simonb Exp $ */
/*
* Copyright (c) 1998, 2001 Matthew R. Green
@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_compat_30.c,v 1.7 2006/05/14 21:24:50 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_compat_30.c,v 1.8 2006/05/27 23:46:49 simonb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -71,8 +71,12 @@ netbsd32_getdents(l, v, retval)
struct file *fp;
int error, done;
char *buf;
netbsd32_size_t count;
struct proc *p = l->l_proc;
/* Limit the size on any kernel buffers used by VOP_READDIR */
count = min(MAXBSIZE, SCARG(uap, count));
/* getvnode() will use the descriptor for us */
if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0)
return (error);
@ -80,9 +84,8 @@ netbsd32_getdents(l, v, retval)
error = EBADF;
goto out;
}
buf = malloc(SCARG(uap, count), M_TEMP, M_WAITOK);
error = vn_readdir(fp, buf,
UIO_SYSSPACE, SCARG(uap, count), &done, l, 0, 0);
buf = malloc(count, M_TEMP, M_WAITOK);
error = vn_readdir(fp, buf, UIO_SYSSPACE, count, &done, l, 0, 0);
if (error == 0) {
*retval = netbsd32_to_dirent12(buf, done);
error = copyout(buf, NETBSD32PTR64(SCARG(uap, buf)), *retval);
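Review bot: The local clamp `count = min(MAXBSIZE, SCARG(uap, count));` is what bounds `malloc(count, M_TEMP, M_WAITOK)` in this function, because the buffer is allocated here before vn_readdir() is called, so the clamp added inside vn_readdir() by the same commit does not cover this allocation. The comment should say so, for example `/* count comes from the syscall arguments; clamp it before it sizes the M_WAITOK allocation below */`, so that nobody later removes it as a duplicate of the vn_readdir() clamp. Any other caller that sizes a kernel buffer from the requested count before calling vn_readdir() presumably needs the same local clamp; none is visible in this diff, so that is worth checking. netbsd32_getdents() starts and ends outside the hunks shown.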


@ -1,4 +1,4 @@
/* $NetBSD: vfs_vnops.c,v 1.111 2006/05/14 21:15:12 elad Exp $ */
/* $NetBSD: vfs_vnops.c,v 1.112 2006/05/27 23:46:49 simonb Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.111 2006/05/14 21:15:12 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.112 2006/05/27 23:46:49 simonb Exp $");
#include "opt_verified_exec.h"
@ -405,6 +405,9 @@ vn_readdir(struct file *fp, char *bf, int segflg, u_int count, int *done,
struct uio auio;
int error, eofflag;
/* Limit the size on any kernel buffers used by VOP_READDIR */
count = min(MAXBSIZE, count);
unionread:
if (vp->v_type != VDIR)
return (EINVAL);
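Review bot: The clamp `count = min(MAXBSIZE, count);` applies to every caller and every `segflg` value, so a request larger than MAXBSIZE now yields at most MAXBSIZE bytes in `*done` with no error, and the comment does not tell callers that. I would extend it to something like `/* Clamp to MAXBSIZE to bound kernel buffers sized from the request; callers may see a short read and must not treat it as end of directory */`. The wording "size on any" should also read "size of any". Whether the existing callers already loop on short results cannot be seen from this hunk, and vn_readdir() begins and continues outside it.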