FreeBSD Kernel buffer overflow
Don Lewis
truckman at FreeBSD.org
Sat Sep 18 11:08:48 PDT 2004
On 18 Sep, gerarra at tin.it wrote:
> Here i report a patch different from Giorgos' one. The approch is completely
> different: working on syscall_register() function in kern/kern_syscalls.c
> file.
>
> ==============================
>
>> cat kern_syscalls.diff
> --- kern_syscalls.c Sat Sep 18 14:37:53 2004
> +++ kern_syscalls2.c Sat Sep 18 14:37:53 2004
> @@ -73,6 +73,11 @@
> sysent[*offset].sy_call != (sy_call_t *)lkmressys)
> return EEXIST;
>
> +#if (__i386__) && (INVARIANTS)
> + KASSERT(new_sysent->nargs >= 0 && new_sysent->nargs <= i386_SYS_ARGS,
> + "invalid number of syscalls");
> +#endif
> +
> *old_sysent = sysent[*offset];
> sysent[*offset] = *new_sysent;
> return 0;
Why panic the machine at this point? Just refuse to install the syscall
and return an error.
More information about the freebsd-hackers
mailing list