d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

{ext2|ufs}_readdir: Avoid setting negative ncookies.

Browse Source 
ncookies cannot be negative or the allocator will fail. This should only
happen if a caller is very broken but we can still try to survive the
event.

We should probably also verify for uio_resid > MAXPHYS but in that case
it is not clear that just clipping the ncookies value is an adequate
response.

MFC after:	2 weeks
This commit is contained in:
pfg 2018-02-06 22:38:19 +00:00
parent 7f4e81c493
commit 999ae367a8
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/fs/ext2fs/ext2_lookup.c
View File

@ -153,7 +153,10 @@ ext2_readdir(struct vop_readdir_args *ap)
return (EINVAL);
ip = VTOI(vp);
if (ap->a_ncookies != NULL) {
ncookies = uio->uio_resid;
if (uio->uio_resid < 0)
ncookies = 0;
else
ncookies = uio->uio_resid;
if (uio->uio_offset >= ip->i_size)
ncookies = 0;
else if (ip->i_size - uio->uio_offset < ncookies)

5
sys/ufs/ufs/ufs_vnops.c
View File

@ -2179,7 +2179,10 @@ ufs_readdir(ap)
if (ip->i_effnlink == 0)
return (0);
if (ap->a_ncookies != NULL) {
ncookies = uio->uio_resid;
if (uio->uio_resid < 0)
ncookies = 0;
else
ncookies = uio->uio_resid;
if (uio->uio_offset >= ip->i_size)
ncookies = 0;
else if (ip->i_size - uio->uio_offset < ncookies)