svn commit: r268230 - head/sys/cddl/contrib/opensolaris/uts/common/dtrace
Pedro F. Giffuni
pfg at FreeBSD.org
Thu Jul 3 19:07:38 UTC 2014
Author: pfg
Date: Thu Jul 3 19:07:37 2014
New Revision: 268230
URL: http://svnweb.freebsd.org/changeset/base/268230
Log:
Merge from OpenSolaris (22-Apr-2008):
6823388 DTrace ioctl handlers must validate all structure members
MFC after: 1 week
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
head/sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c
Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
==============================================================================
--- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c Thu Jul 3 18:24:28 2014 (r268229)
+++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c Thu Jul 3 19:07:37 2014 (r268230)
@@ -12908,7 +12908,8 @@ dtrace_dof_copyin(uintptr_t uarg, int *e
dof = kmem_alloc(hdr.dofh_loadsz, KM_SLEEP);
- if (copyin((void *)uarg, dof, hdr.dofh_loadsz) != 0) {
+ if (copyin((void *)uarg, dof, hdr.dofh_loadsz) != 0 ||
+ dof->dofh_loadsz != hdr.dofh_loadsz) {
kmem_free(dof, hdr.dofh_loadsz);
*errp = EFAULT;
return (NULL);
Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c
==============================================================================
--- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c Thu Jul 3 18:24:28 2014 (r268229)
+++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c Thu Jul 3 19:07:37 2014 (r268230)
@@ -2277,7 +2277,8 @@ fasttrap_ioctl(struct cdev *dev, u_long
probe = kmem_alloc(size, KM_SLEEP);
- if (copyin(uprobe, probe, size) != 0) {
+ if (copyin(uprobe, probe, size) != 0 ||
+ probe->ftps_noffs != noffs) {
kmem_free(probe, size);
return (EFAULT);
}
More information about the svn-src-all
mailing list