kernel buff overflow
Don Lewis
truckman at FreeBSD.org
Sun Sep 19 12:43:05 PDT 2004
On 19 Sep, Giorgos Keramidas wrote:
> On 2004-09-19 15:04, gerarra at tin.it wrote:
>> --- kern_syscalls.c Sat Sep 18 13:42:21 2004
>> +++ kern_syscalls2.c Sun Sep 19 14:59:27 2004
>> @@ -58,6 +58,12 @@
>> syscall_register(int *offset, struct sysent *new_sysent,
>> struct sysent *old_sysent)
>> {
>> +
>> +#ifdef __i386__
>> + if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > i386_SYS_ARGS)
>> + return E2BIG;
>> +#endif
>> +
>> if (*offset == NO_SYSCALL) {
>> int i;
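Review bot: the new bound is compiled in for __i386__ only, so on every other architecture a module can still register a sysent whose sy_narg is larger than what that platform's trap handler copies; the limit should be a per-architecture constant (the SYSCALL_MAX_ARGS from <machine/param.h> proposed further down) and the check itself unconditional. The error code is also inconsistent with the rest of the discussion: this hunk returns E2BIG while the proposed generic form returns EINVAL, and a malformed sysent reads more naturally as EINVAL. The two empty `+` lines wrapping the block are stray whitespace and should go.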
>
> If a very simple but similar check can be added that works for all the
> architectures it's probably a cleaner solution, i.e.:
>
> : #ifndef SYSCALL_MAX_ARGS
> : #define SYSCALL_MAX_ARGS 8
> : #endif
> :
> : if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > SYSCALL_MAX_ARGS)
> : return EINVAL;
>
> Then each architecture can define SYSCALL_MAX_ARGS at compile time.
Yes, the value should be defined in the architecture-specific
<machine/param.h>. Also the machine specific syscall handlers in trap.c
should be modified to use the defined parameter instead of just using
the architecture-specific magic number.
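Added example, not code from this thread or from FreeBSD: a stand-alone C model of the registration check discussed above, paired with a model of the trap handler's argument copy whose buffer is sized by the same constant, so the reader can see that the bound checked at registration time is exactly the bound that keeps the copy in range. The names struct sysent, sy_narg, syscall_register, NO_SYSCALL and SYSCALL_MAX_ARGS follow the thread; SYS_MAXSYSCALL, the toy table, syscall_fetch_args and the helper functions are assumptions made for the model.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Per-architecture limit; in the real tree it would come from
 * <machine/param.h>. Defaulted the way the quoted reply suggests. */
#ifndef SYSCALL_MAX_ARGS
#define SYSCALL_MAX_ARGS 8
#endif

#define NO_SYSCALL     (-1)
#define SYS_MAXSYSCALL 16      /* constructed: size of the toy table */

typedef int sy_call_t(void *, void *);

/* Minimal stand-in for struct sysent: only the fields the check needs. */
struct sysent {
    int        sy_narg;        /* number of argument words */
    sy_call_t *sy_call;        /* handler; NULL marks a free slot here */
};

static struct sysent sysent[SYS_MAXSYSCALL];

/* Model of the registration path with the architecture-neutral bound. */
int syscall_register(int *offset, struct sysent *new_sysent,
                     struct sysent *old_sysent)
{
    /* Reject a sysent the trap handler could not copy safely. */
    if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > SYSCALL_MAX_ARGS)
        return EINVAL;

    if (*offset == NO_SYSCALL) {
        int i;
        for (i = 1; i < SYS_MAXSYSCALL; i++)
            if (sysent[i].sy_call == NULL)
                break;
        if (i == SYS_MAXSYSCALL)
            return ENFILE;
        *offset = i;
    } else if (*offset < 0 || *offset >= SYS_MAXSYSCALL) {
        return EINVAL;
    } else if (sysent[*offset].sy_call != NULL) {
        return EEXIST;
    }

    *old_sysent = sysent[*offset];
    sysent[*offset] = *new_sysent;
    return 0;
}

/* Model of the per-architecture argument copy done in trap.c. The
 * destination is sized by SYSCALL_MAX_ARGS rather than a magic number,
 * and the table entry is re-checked so a bad entry can never overrun it. */
int syscall_fetch_args(int code, const long *user_frame,
                       long args[SYSCALL_MAX_ARGS])
{
    if (code < 0 || code >= SYS_MAXSYSCALL || sysent[code].sy_call == NULL)
        return ENOSYS;
    int narg = sysent[code].sy_narg;
    if (narg < 0 || narg > SYSCALL_MAX_ARGS)
        return E2BIG;
    memcpy(args, user_frame, (size_t)narg * sizeof(long));
    return narg;
}

static int dummy_call(void *td, void *uap) { (void)td; (void)uap; return 0; }

/* Test helper: try to register a handler declaring 'narg' words. */
int try_register(int narg)
{
    struct sysent new_se = { narg, dummy_call }, old_se;
    int off = NO_SYSCALL;
    return syscall_register(&off, &new_se, &old_se);
}

/* Test helper: register, then fetch from a constructed user frame.
 * Returns the argument count, or -errno if registration was refused. */
int register_and_fetch(int narg)
{
    struct sysent new_se = { narg, dummy_call }, old_se;
    long frame[SYSCALL_MAX_ARGS] = {0};   /* constructed trap frame */
    long args[SYSCALL_MAX_ARGS];
    int off = NO_SYSCALL;
    int err = syscall_register(&off, &new_se, &old_se);
    if (err != 0)
        return -err;
    return syscall_fetch_args(off, frame, args);
}
```

With the check in place an over-long or negative sy_narg is refused at registration with EINVAL and never reaches the copy; the second check in syscall_fetch_args is deliberately redundant so that the copy stays bounded even if a future table write bypasses syscall_register.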