Fri Jan 26 22:54:33 2018 UTC ()
Bounds checking - CID/1428650


(pgoyette)
diff -r1.259 -r1.260 src/sys/kern/kern_sysctl.c
cvs diff -r1.259 -r1.260 src/sys/kern/kern_sysctl.c (expand / switch to unified diff)

--- src/sys/kern/kern_sysctl.c 2017/04/25 22:07:10 1.259
+++ src/sys/kern/kern_sysctl.c 2018/01/26 22:54:33 1.260
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: kern_sysctl.c,v 1.259 2017/04/25 22:07:10 pgoyette Exp $ */ 1/* $NetBSD: kern_sysctl.c,v 1.260 2018/01/26 22:54:33 pgoyette Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2003, 2007, 2008 The NetBSD Foundation, Inc. 4 * Copyright (c) 2003, 2007, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Andrew Brown. 8 * by Andrew Brown.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -58,27 +58,27 @@ @@ -58,27 +58,27 @@
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE. 61 * SUCH DAMAGE.
62 * 62 *
63 * @(#)kern_sysctl.c 8.9 (Berkeley) 5/20/95 63 * @(#)kern_sysctl.c 8.9 (Berkeley) 5/20/95
64 */ 64 */
65 65
66/* 66/*
67 * sysctl system call. 67 * sysctl system call.
68 */ 68 */
69 69
70#include <sys/cdefs.h> 70#include <sys/cdefs.h>
71__KERNEL_RCSID(0, "$NetBSD: kern_sysctl.c,v 1.259 2017/04/25 22:07:10 pgoyette Exp $"); 71__KERNEL_RCSID(0, "$NetBSD: kern_sysctl.c,v 1.260 2018/01/26 22:54:33 pgoyette Exp $");
72 72
73#ifdef _KERNEL_OPT 73#ifdef _KERNEL_OPT
74#include "opt_defcorename.h" 74#include "opt_defcorename.h"
75#endif 75#endif
76 76
77#include "ksyms.h" 77#include "ksyms.h"
78 78
79#include <sys/param.h> 79#include <sys/param.h>
80#define __COMPAT_SYSCTL 80#define __COMPAT_SYSCTL
81#include <sys/sysctl.h> 81#include <sys/sysctl.h>
82#include <sys/systm.h> 82#include <sys/systm.h>
83#include <sys/buf.h> 83#include <sys/buf.h>
84#include <sys/ksyms.h> 84#include <sys/ksyms.h>
@@ -2405,26 +2405,28 @@ sysctl_log_print(const struct sysctllog  @@ -2405,26 +2405,28 @@ sysctl_log_print(const struct sysctllog
2405 } 2405 }
2406 } 2406 }
2407 printf(" end\n"); 2407 printf(" end\n");
2408} 2408}
2409 2409
2410int 2410int
2411sysctl_log_add(struct sysctllog **logp, const struct sysctlnode *node) 2411sysctl_log_add(struct sysctllog **logp, const struct sysctlnode *node)
2412{ 2412{
2413 const int size0 = 16; 2413 const int size0 = 16;
2414 int name[CTL_MAXNAME], namelen, i; 2414 int name[CTL_MAXNAME], namelen, i;
2415 const struct sysctlnode *pnode; 2415 const struct sysctlnode *pnode;
2416 struct sysctllog *log; 2416 struct sysctllog *log;
2417 2417
 2418 KASSERT(namelen < CTL_MAXNAME);
 2419
2418 if (node->sysctl_flags & CTLFLAG_PERMANENT) 2420 if (node->sysctl_flags & CTLFLAG_PERMANENT)
2419 return (0); 2421 return (0);
2420 2422
2421 if (logp == NULL) 2423 if (logp == NULL)
2422 return (0); 2424 return (0);
2423 2425
2424 if (*logp == NULL) { 2426 if (*logp == NULL) {
2425 log = malloc(sizeof(struct sysctllog), 2427 log = malloc(sizeof(struct sysctllog),
2426 M_SYSCTLDATA, M_WAITOK|M_CANFAIL); 2428 M_SYSCTLDATA, M_WAITOK|M_CANFAIL);
2427 if (log == NULL) { 2429 if (log == NULL) {
2428 /* XXX print error message? */ 2430 /* XXX print error message? */
2429 return (-1); 2431 return (-1);
2430 } 2432 }
@@ -2466,27 +2468,27 @@ sysctl_log_add(struct sysctllog **logp,  @@ -2466,27 +2468,27 @@ sysctl_log_add(struct sysctllog **logp,
2466 2468
2467 /* 2469 /*
2468 * do we have space? 2470 * do we have space?
2469 */ 2471 */
2470 if (log->log_left < (namelen + 3)) 2472 if (log->log_left < (namelen + 3))
2471 sysctl_log_realloc(log); 2473 sysctl_log_realloc(log);
2472 if (log->log_left < (namelen + 3)) 2474 if (log->log_left < (namelen + 3))
2473 return (-1); 2475 return (-1);
2474 2476
2475 /* 2477 /*
2476 * stuff name in, then namelen, then node type, and finally, 2478 * stuff name in, then namelen, then node type, and finally,
2477 * the version for non-node nodes. 2479 * the version for non-node nodes.
2478 */ 2480 */
2479 for (i = 0; i < namelen; i++) 2481 for (i = 0; i < namelen && i < CTL_MAXNAME; i++)
2480 log->log_num[--log->log_left] = name[i]; 2482 log->log_num[--log->log_left] = name[i];
2481 log->log_num[--log->log_left] = namelen; 2483 log->log_num[--log->log_left] = namelen;
2482 log->log_num[--log->log_left] = SYSCTL_TYPE(node->sysctl_flags); 2484 log->log_num[--log->log_left] = SYSCTL_TYPE(node->sysctl_flags);
2483 if (log->log_num[log->log_left] != CTLTYPE_NODE) 2485 if (log->log_num[log->log_left] != CTLTYPE_NODE)
2484 log->log_num[--log->log_left] = node->sysctl_ver; 2486 log->log_num[--log->log_left] = node->sysctl_ver;
2485 else 2487 else
2486 log->log_num[--log->log_left] = 0; 2488 log->log_num[--log->log_left] = 0;
2487 2489
2488 return (0); 2490 return (0);
2489} 2491}
2490 2492
2491void 2493void
2492sysctl_teardown(struct sysctllog **logp) 2494sysctl_teardown(struct sysctllog **logp)