kern/173002: data type size problem in if_spppsubr.c
Jens Wiatrowski
wiatro at gmx.net
Tue Oct 23 19:10:01 UTC 2012
>Number: 173002
>Category: kern
>Synopsis: data type size problem in if_spppsubr.c
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 23 19:10:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Jens Wiatrowski
>Release: FreeBSD-8.2
>Organization:
>Environment:
FreeBSD merlin 8.2-RELEASE FreeBSD 8.2-RELEASE #5: Tue Oct 23 18:37:46 MEST 2012 wiatro at merlin:/usr/src/freebsd-8.2-amd64/sys/amd64/compile/MERLIN amd64
>Description:
Because cmd in struct spppreq (/usr/include/net/if_sppp.h) is an int,
fuword32() should be used instead of fuword() in sys/net/if_spppsubr.c, line 5133, I think.
>How-To-Repeat:
Use /sbin/spppcontrol on a 64bit machine.
>Fix:
Apply the patch I've appended.
Or change the type of cmd in struct spppreq to unsigned long.
Patch attached with submission follows:
*** sys/net/if_spppsubr.c.orig Tue Oct 23 18:47:42 2012
--- sys/net/if_spppsubr.c Tue Oct 23 18:46:27 2012
***************
*** 5130,5136 ****
* Check the cmd word first before attempting to fetch all the
* data.
*/
! if ((subcmd = fuword(ifr->ifr_data)) == -1) {
rv = EFAULT;
goto quit;
}
--- 5130,5136 ----
* Check the cmd word first before attempting to fetch all the
* data.
*/
! if ((subcmd = fuword32(ifr->ifr_data)) == -1) {
rv = EFAULT;
goto quit;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list