d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

If the file descriptors passed into do_dup() are negative, return EBADF

Browse Source 
instead of panicing.  Also, perform some of the simpler sanity checks on
the fds before acquiring the filedesc lock.

Approved by:	re
Reported by:	Dan Nelson <dan@emsphone.com> and others
This commit is contained in:
John Baldwin 2002-11-26 17:22:15 +00:00
parent 4d10c0ce5f
commit 04f4a16448
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=107272
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/kern/kern_descrip.c
View File

@ -469,10 +469,11 @@ do_dup(td, type, old, new, retval)
* Verify we have a valid descriptor to dup from and possibly to
* dup to.
*/
if (old < 0 || new < 0 || new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
new >= maxfilesperproc)
return (EBADF);
FILEDESC_LOCK(fdp);
if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL ||
new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
new >= maxfilesperproc) {
if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) {
FILEDESC_UNLOCK(fdp);
return (EBADF);
}