d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

{ext2|ufs}_readdir: Set limit on valid ncookies values.

Browse Source 
Sanitize the values that will be assigned to ncookies so that we ensure
they are sane and we can handle them.

Let ncookies signed as it was before r328346. The valid range is such
that unsigned values are not required and we are not able to avoid at
least one cast anyways.

Hinted by:	bde
This commit is contained in:
pfg 2018-01-27 15:33:52 +00:00
parent 17d3a1c234
commit 55c3e327b4
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/fs/ext2fs/ext2_lookup.c
View File

@ -145,14 +145,18 @@ ext2_readdir(struct vop_readdir_args *ap)
off_t offset, startoffset;
size_t readcnt, skipcnt;
ssize_t startresid;
u_int ncookies;
int ncookies;
int DIRBLKSIZ = VTOI(ap->a_vp)->i_e2fs->e2fs_bsize;
int error;
if (uio->uio_offset < 0)
return (EINVAL);
ip = VTOI(vp);
if (uio->uio_resid < 0)
uio->uio_resid = 0;
if (ap->a_ncookies != NULL) {
if (uio->uio_resid > MAXPHYS)
uio->uio_resid = MAXPHYS;
ncookies = uio->uio_resid;
if (uio->uio_offset >= ip->i_size)
ncookies = 0;

6
sys/ufs/ufs/ufs_vnops.c
View File

@ -2170,7 +2170,7 @@ ufs_readdir(ap)
off_t offset, startoffset;
size_t readcnt, skipcnt;
ssize_t startresid;
u_int ncookies;
int ncookies;
int error;
if (uio->uio_offset < 0)
@ -2178,7 +2178,11 @@ ufs_readdir(ap)
ip = VTOI(vp);
if (ip->i_effnlink == 0)
return (0);
if (uio->uio_resid < 0)
uio->uio_resid = 0;
if (ap->a_ncookies != NULL) {
if (uio->uio_resid > MAXPHYS)
uio->uio_resid = MAXPHYS;
ncookies = uio->uio_resid;
if (uio->uio_offset >= ip->i_size)
ncookies = 0;