d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't malloc a buffer while holding the prison0 mutex. Instead, use a loop

Browse Source 
where we figure out the hostname length under the lock, malloc the buffer
with the lock dropped, then recheck the length under the lock and loop again
if the buffer is now too small.

Tested by:	Norbert Koch  nkoch  demig de
MFC after:	3 days
This commit is contained in:
John Baldwin 2009-09-10 12:58:37 +00:00
parent edefbdd7cb
commit 9425bee7a0
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
sys/dev/syscons/daemon/daemon_saver.c
View File

@ -351,11 +351,23 @@ daemon_saver(video_adapter_t *adp, int blank)
static int
daemon_init(video_adapter_t *adp)
{
size_t hostlen;
mtx_lock(&prison0.pr_mtx);
messagelen = strlen(prison0.pr_hostname) + 3 + strlen(ostype) + 1 +
strlen(osrelease);
message = malloc(messagelen + 1, M_DEVBUF, M_WAITOK);
for (;;) {
hostlen = strlen(prison0.pr_hostname);
mtx_unlock(&prison0.pr_mtx);
messagelen = hostlen + 3 + strlen(ostype) + 1 +
strlen(osrelease);
message = malloc(messagelen + 1, M_DEVBUF, M_WAITOK);
mtx_lock(&prison0.pr_mtx);
if (hostlen < strlen(prison0.pr_hostname)) {
free(message, M_DEVBUF);
continue;
}
break;
}
sprintf(message, "%s - %s %s", prison0.pr_hostname, ostype, osrelease);
mtx_unlock(&prison0.pr_mtx);
blanked = 0;