svn commit: r289768 - head/sys/amd64/linux32
John Baldwin
jhb at FreeBSD.org
Thu Oct 22 21:23:59 UTC 2015
Author: jhb
Date: Thu Oct 22 21:23:58 2015
New Revision: 289768
URL: https://svnweb.freebsd.org/changeset/base/289768
Log:
Merge r289055 to amd64/linux32:
linux: fix handling of out-of-bounds syscall attempts
Due to an off by one the code would read an entry past the table, as
opposed to the last entry which contains the nosys handler.
Modified:
head/sys/amd64/linux32/linux32_sysvec.c
Modified: head/sys/amd64/linux32/linux32_sysvec.c
==============================================================================
--- head/sys/amd64/linux32/linux32_sysvec.c Thu Oct 22 21:13:35 2015 (r289767)
+++ head/sys/amd64/linux32/linux32_sysvec.c Thu Oct 22 21:23:58 2015 (r289768)
@@ -741,7 +741,7 @@ linux32_fetch_syscall_args(struct thread
if (sa->code >= p->p_sysent->sv_size)
/* nosys */
- sa->callp = &p->p_sysent->sv_table[LINUX_SYS_MAXSYSCALL];
+ sa->callp = &p->p_sysent->sv_table[p->p_sysent->sv_size - 1];
else
sa->callp = &p->p_sysent->sv_table[sa->code];
sa->narg = sa->callp->sy_narg;
More information about the svn-src-head
mailing list