Commit Graph

27 Commits

Author SHA1 Message Date
Conrad Meyer
51bcc337dd netsmb: Fix buggy/racy smb_strdupin()
smb_strdupin() tried to roll a copyin() based strlen to allocate a buffer
and then blindly copyin that size.  Of course, a malicious user program
could simultaneously manipulate the buffer, resulting in a non-terminated
string being copied.

Later assumptions in the code rely upon the string being nul-terminated.

Just use copyinstr() and drop the racy sizing.

PR:		222687
Reported by:	Meng Xu <meng.xu AT gatech.edu>
Security:	possible local DoS
Sponsored by:	Dell EMC Isilon
2017-09-29 15:53:26 +00:00
Pedro F. Giffuni
74b8d63dcc Cleanup unnecessary semicolons from the kernel.
Found with devel/coccinelle.
2016-04-10 23:07:00 +00:00
Kevin Lo
41f1dccceb Add unicode support to msdosfs and smbfs; original pathes from imura,
bug fixes by Kuan-Chung Chiu <buganini at gmail dot com>.

Tested by me in production for several days at work.
2011-11-18 03:05:20 +00:00
Ed Schouten
d745c852be Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
2011-11-07 06:44:47 +00:00
Christian S.J. Peron
a67b22d67f Change some variables from int to size_t. This is more accurate since
these variables represent sizes in one capacity or another.  There is
no reason to allow negative numbers.  Change userspace shared structure
elements that get used for the modified functions from int to uint32_t,
since it's not clear what userspace programs use these fields, and we
do not want to break binary compatibility.  This fixes a panic when
corrupt or bogus data is passed into the kernel.

Obtained from:	NetBSD
MFC after:	3 weeks
2011-01-08 23:06:54 +00:00
Joel Dahl
d122d78412 Switch to our preferred 2-clause BSD license.
Approved by:	bp
2010-04-07 16:50:38 +00:00
Boris Popov
834340ae9a It seems to be safe to ignore 'file not locked' error
from server.  This effectively suppresses 'Unmapped error 1:158'.

MFC after:	1 month
2006-11-05 06:31:08 +00:00
Christian S.J. Peron
ed9e2ed449 Although we check the return value of copyin(9) while determaining how
long the string is in userspace, afterwards we call malloc(M_WAITOK),
which could sleep for an unknown amount of time. Check the return
value of copyin(9) just to be sure that nothing has changed during that
time.

Found with:	Coverity Prevent (tm)
MFC after:	1 week
2006-01-16 17:03:21 +00:00
R. Imura
080e3a63b3 Change API of mb_copy_t in libmchain so that netsmb can handle
multibyte character share name correctly.

Reviewed by:	bp
2005-07-29 13:22:37 +00:00
Warner Losh
c398230b64 /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
David E. O'Brien
ab0de15baf Use __FBSDID(). 2003-06-11 05:37:42 +00:00
John Baldwin
90af4afacb - Merge struct procsig with struct sigacts.
- Move struct sigacts out of the u-area and malloc() it using the
  M_SUBPROC malloc bucket.
- Add a small sigacts_*() API for managing sigacts structures: sigacts_alloc(),
  sigacts_free(), sigacts_copy(), sigacts_share(), and sigacts_shared().
- Remove the p_sigignore, p_sigacts, and p_sigcatch macros.
- Add a mutex to struct sigacts that protects all the members of the struct.
- Add sigacts locking.
- Remove Giant from nosys(), kill(), killpg(), and kern_sigaction() now
  that sigacts is locked.
- Several in-kernel functions such as psignal(), tdsignal(), trapsignal(),
  and thread_stopped() are now MP safe.

Reviewed by:	arch@
Approved by:	re (rwatson)
2003-05-13 20:36:02 +00:00
Jeff Roberson
4093529dee - Move p->p_sigmask to td->td_sigmask. Signal masks will be per thread with
a follow on commit to kern_sig.c
 - signotify() now operates on a thread since unmasked pending signals are
   stored in the thread.
 - PS_NEEDSIGCHK moves to TDF_NEEDSIGCHK.
2003-03-31 22:49:17 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Tim J. Robbins
fbbad44413 Lock proc while manipulating p_sigmask p_sigignore and p_siglist. 2003-02-14 09:12:12 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Robert Drehmel
0adb6d7a49 Remove the hto(be|le)[slq] and (be|le)toh[slq] macros defined in
_KERNEL scope from "src/sys/sys/mchain.h".

Replace each occurrence of the above in _KERNEL scope with the
appropriate macro from the set of hto(be|le)(16|32|64) and
(be|le)toh(16|32|64) from "src/sys/sys/endian.h".

Tested by:		tjr
Requested by:		comment marked with XXX
2002-12-16 16:20:06 +00:00
John Baldwin
985cce5132 - Change mb_copy_t to take a size_t as the length argument instead of an
int.
- Change the local variable in smb_copy_iconv() from an int to a size_t.

These make smb_copy_iconv() happy in a 64-bit world.
2002-11-08 21:26:32 +00:00
Juli Mallett
1d9c56964d Back our kernel support for reliable signal queues.
Requested by:	rwatson, phk, and many others
2002-10-01 17:15:53 +00:00
Juli Mallett
70d4d0c0f5 Convert use of p_siglist and old SIG*() macros to use <sys/ksiginfo.h>
prototyped functions to get a sigset_t, and further to check for any
queued signals, rather than an empty signal set, to go with the move
to signal queues rather than signal sets.
2002-09-30 20:48:29 +00:00
Mike Barcroft
a30d4b3270 Move the new byte order function prototypes from <sys/param.h> to
<sys/endian.h>.  This puts us in line with NetBSD and OpenBSD.
2002-04-26 22:48:23 +00:00
Boris Popov
af9b5e8fe5 Recongnize more error codes returned by W2K servers.
MFC after:	4 days
2002-04-17 03:14:28 +00:00
John Baldwin
a854ed9893 Simple p_ucred -> td_ucred changes to start using the per-thread ucred
reference.
2002-02-27 18:32:23 +00:00
Boris Popov
fce6fbfa4d Pull netsmb requester from the pre-KSE world. This update mostly based
on the patches submitted by Max Khon <fjoe@iclub.nsu.ru>
2001-12-02 08:47:29 +00:00
Boris Popov
fe98760edc Map errdos:67 to the ENOENT.
Obtained from:	Mac OS X
MFC after:		1 week
2001-08-21 09:16:57 +00:00
Boris Popov
2da5cc6e00 Remove unnecessary "#if __FreeBSD_version". 2001-08-21 08:58:02 +00:00
Boris Popov
681a5bbef2 Import kernel part of SMB/CIFS requester.
Add smbfs(CIFS) filesystem.

Userland part will be in the ports tree for a while.

Obtained from:	smbfs-1.3.7-dev package.
2001-04-10 07:59:06 +00:00