[Bug 219525] Multiple bugs in mpr ioctl handler
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue May 30 21:17:47 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219525
--- Comment #3 from Stephen McConnell <slm at freebsd.org> ---
OK. I see what you're saying. The check makes sure that data is not copied to
invalid space, but it does not check if the bytes are valid. That's true.
Maybe it's better like this:
if (status == 0) {
if (copyout((void *)sc->recorded_events, PTRIN(data->PtrEvents),
min(size, sizeof(sc->recorded_events))) != 0)
status = EFAULT;
}
Then, it just copies out as many valid bytes as it can, and no 'else' part.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list