Fixed arg checking in if_advlock(). Invalid args were accepted in an
optimized case. Preposterous lengths weren't checked for. Found by: NIST-PCTS
This commit is contained in:
Bruce Evans
parent
0181a94ac9
commit
a88bd8aae4
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=20676
@ -34,7 +34,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)ufs_lockf.c 8.3 (Berkeley) 1/6/94
|
||||
* $Id: kern_lockf.c,v 1.5 1995/12/14 08:31:26 phk Exp $
|
||||
* $Id: kern_lockf.c,v 1.6 1996/09/03 14:21:52 bde Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -92,15 +92,6 @@ lf_advlock(ap, head, size)
|
||||
off_t start, end;
|
||||
int error;
|
||||
|
||||
/*
|
||||
* Avoid the common case of unlocking when inode has no locks.
|
||||
*/
|
||||
if (*head == (struct lockf *)0) {
|
||||
if (ap->a_op != F_SETLK) {
|
||||
fl->l_type = F_UNLCK;
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
/*
|
||||
* Convert the flock structure into a start and end.
|
||||
*/
|
||||
@ -126,8 +117,20 @@ lf_advlock(ap, head, size)
|
||||
return (EINVAL);
|
||||
if (fl->l_len == 0)
|
||||
end = -1;
|
||||
else
|
||||
else {
|
||||
end = start + fl->l_len - 1;
|
||||
if (end < start)
|
||||
return (EINVAL);
|
||||
}
|
||||
/*
|
||||
* Avoid the common case of unlocking when inode has no locks.
|
||||
*/
|
||||
if (*head == (struct lockf *)0) {
|
||||
if (ap->a_op != F_SETLK) {
|
||||
fl->l_type = F_UNLCK;
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
/*
|
||||
* Create the lockf structure
|
||||
*/
|
||||
|
||||
Loading…
Reference in New Issue
Block a user