cvs commit: src/sys/kern kern_sysctl.c
Robert Watson
rwatson at FreeBSD.org
Sun Sep 2 02:59:35 PDT 2007
rwatson 2007-09-02 09:59:33 UTC
FreeBSD src repository
Modified files:
sys/kern kern_sysctl.c
Log:
In userland_sysctl(), call useracc() with the actual newlen value to be
used, rather than the one passed via 'req', which may not reflect a
rewrite. This call to useracc() is redundant to validation performed by
later copyin()/copyout() calls, so there isn't a security issue here,
but this could technically lead to excessive validation of addresses if
the length in newlen is shorter than req.newlen.
Approved by: re (kensmith)
Reviewed by: jhb
Submitted by: Constantine A. Murenin <cnst+freebsd at bugmail.mojo.ru>
Sponsored by: Google Summer of Code 2007
Revision Changes Path
1.177 +1 -1 src/sys/kern/kern_sysctl.c
More information about the cvs-all
mailing list