svn commit: r285269 - head/sys/kern

Konstantin Belousov kib at FreeBSD.org
Wed Jul 8 13:19:15 UTC 2015


Author: kib
Date: Wed Jul  8 13:19:13 2015
New Revision: 285269
URL: https://svnweb.freebsd.org/changeset/base/285269

Log:
  Handle the copyout for fcntl(F_OGETLK) using the oflock structure.
  Otherwise, the kernel overwrites a word past the destination.
  
  Submitted by:	walter at pelissero.de
  PR:	196718
  MFC after:	1 week

Modified:
  head/sys/kern/kern_descrip.c

Modified: head/sys/kern/kern_descrip.c
==============================================================================
--- head/sys/kern/kern_descrip.c	Wed Jul  8 12:42:44 2015	(r285268)
+++ head/sys/kern/kern_descrip.c	Wed Jul  8 13:19:13 2015	(r285269)
@@ -404,9 +404,10 @@ kern_fcntl_freebsd(struct thread *td, in
 	struct flock fl;
 	struct __oflock ofl;
 	intptr_t arg1;
-	int error;
+	int error, newcmd;
 
 	error = 0;
+	newcmd = cmd;
 	switch (cmd) {
 	case F_OGETLK:
 	case F_OSETLK:
@@ -424,13 +425,13 @@ kern_fcntl_freebsd(struct thread *td, in
 
 		switch (cmd) {
 		case F_OGETLK:
-			cmd = F_GETLK;
+			newcmd = F_GETLK;
 			break;
 		case F_OSETLK:
-			cmd = F_SETLK;
+			newcmd = F_SETLK;
 			break;
 		case F_OSETLKW:
-			cmd = F_SETLKW;
+			newcmd = F_SETLKW;
 			break;
 		}
 		arg1 = (intptr_t)&fl;
@@ -448,7 +449,7 @@ kern_fcntl_freebsd(struct thread *td, in
 	}
 	if (error)
 		return (error);
-	error = kern_fcntl(td, fd, cmd, arg1);
+	error = kern_fcntl(td, fd, newcmd, arg1);
 	if (error)
 		return (error);
 	if (cmd == F_OGETLK) {
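Review bot: The `if (cmd == F_OGETLK)` test on the last line of this hunk is now what selects the old-style copyout, yet nothing in the code records that `cmd` must stay the caller's value while `newcmd` is the one handed to `kern_fcntl()`. A comment at the `newcmd = cmd;` assignment in the first hunk would keep a later cleanup from folding the two variables back together, for example `/* cmd stays as passed in and selects the copyout structure below; newcmd is the translated command. */`. The body of the `F_OGETLK` branch lies outside the hunk, so the size actually copied out cannot be confirmed from here; presumably it is the size of `ofl`. A regression test that issues F_OGETLK with a guard word placed after the user buffer would catch a recurrence of the overwrite.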

