Fri Aug 23 07:53:37 2019 UTC ()
Fix info leaks.


(maxv)
diff -r1.61 -r1.62 src/sys/compat/linux/common/linux_file64.c
diff -r1.241 -r1.242 src/sys/compat/linux/common/linux_misc.c
diff -r1.19 -r1.20 src/sys/compat/linux32/common/linux32_dirent.c
cvs diff -r1.61 -r1.62 src/sys/compat/linux/common/linux_file64.c (expand / switch to unified diff)

--- src/sys/compat/linux/common/linux_file64.c 2019/08/23 06:54:54 1.61
+++ src/sys/compat/linux/common/linux_file64.c 2019/08/23 07:53:36 1.62
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: linux_file64.c,v 1.61 2019/08/23 06:54:54 maxv Exp $ */ 1/* $NetBSD: linux_file64.c,v 1.62 2019/08/23 07:53:36 maxv Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 1995, 1998, 2000, 2008 The NetBSD Foundation, Inc. 4 * Copyright (c) 1995, 1998, 2000, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Frank van der Linden and Eric Haszlakiewicz. 8 * by Frank van der Linden and Eric Haszlakiewicz.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -24,27 +24,27 @@ @@ -24,27 +24,27 @@
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE. 29 * POSSIBILITY OF SUCH DAMAGE.
30 */ 30 */
31 31
32/* 32/*
33 * Linux 64bit filesystem calls. Used on 32bit archs, not used on 64bit ones. 33 * Linux 64bit filesystem calls. Used on 32bit archs, not used on 64bit ones.
34 */ 34 */
35 35
36#include <sys/cdefs.h> 36#include <sys/cdefs.h>
37__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.61 2019/08/23 06:54:54 maxv Exp $"); 37__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.62 2019/08/23 07:53:36 maxv Exp $");
38 38
39#include <sys/param.h> 39#include <sys/param.h>
40#include <sys/systm.h> 40#include <sys/systm.h>
41#include <sys/namei.h> 41#include <sys/namei.h>
42#include <sys/proc.h> 42#include <sys/proc.h>
43#include <sys/dirent.h> 43#include <sys/dirent.h>
44#include <sys/file.h> 44#include <sys/file.h>
45#include <sys/stat.h> 45#include <sys/stat.h>
46#include <sys/filedesc.h> 46#include <sys/filedesc.h>
47#include <sys/ioctl.h> 47#include <sys/ioctl.h>
48#include <sys/kernel.h> 48#include <sys/kernel.h>
49#include <sys/mount.h> 49#include <sys/mount.h>
50#include <sys/malloc.h> 50#include <sys/malloc.h>
@@ -343,26 +343,27 @@ again: @@ -343,26 +343,27 @@ again:
343 /* entry too big for buffer, so just stop */ 343 /* entry too big for buffer, so just stop */
344 outp++; 344 outp++;
345 break; 345 break;
346 } 346 }
347 if (cookie) 347 if (cookie)
348 off = *cookie++; /* each entry points to next */ 348 off = *cookie++; /* each entry points to next */
349 else 349 else
350 off += reclen; 350 off += reclen;
351 /* 351 /*
352 * Massage in place to make a Linux-shaped dirent (otherwise 352 * Massage in place to make a Linux-shaped dirent (otherwise
353 * we have to worry about touching user memory outside of 353 * we have to worry about touching user memory outside of
354 * the copyout() call). 354 * the copyout() call).
355 */ 355 */
 356 memset(&idb, 0, sizeof(idb));
356 idb.d_ino = bdp->d_fileno; 357 idb.d_ino = bdp->d_fileno;
357 idb.d_type = bdp->d_type; 358 idb.d_type = bdp->d_type;
358 idb.d_off = off; 359 idb.d_off = off;
359 idb.d_reclen = (u_short)linux_reclen; 360 idb.d_reclen = (u_short)linux_reclen;
360 memcpy(idb.d_name, bdp->d_name, MIN(sizeof(idb.d_name), 361 memcpy(idb.d_name, bdp->d_name, MIN(sizeof(idb.d_name),
361 bdp->d_namlen + 1)); 362 bdp->d_namlen + 1));
362 if ((error = copyout((void *)&idb, outp, linux_reclen))) 363 if ((error = copyout((void *)&idb, outp, linux_reclen)))
363 goto out; 364 goto out;
364 /* advance past this real entry */ 365 /* advance past this real entry */
365 inp += reclen; 366 inp += reclen;
366 /* advance output past Linux-shaped entry */ 367 /* advance output past Linux-shaped entry */
367 outp += linux_reclen; 368 outp += linux_reclen;
368 resid -= linux_reclen; 369 resid -= linux_reclen;
cvs diff -r1.241 -r1.242 src/sys/compat/linux/common/linux_misc.c (expand / switch to unified diff)

--- src/sys/compat/linux/common/linux_misc.c 2019/08/23 06:47:58 1.241
+++ src/sys/compat/linux/common/linux_misc.c 2019/08/23 07:53:36 1.242
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: linux_misc.c,v 1.241 2019/08/23 06:47:58 maxv Exp $ */ 1/* $NetBSD: linux_misc.c,v 1.242 2019/08/23 07:53:36 maxv Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 1995, 1998, 1999, 2008 The NetBSD Foundation, Inc. 4 * Copyright (c) 1995, 1998, 1999, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Frank van der Linden and Eric Haszlakiewicz; by Jason R. Thorpe 8 * by Frank van der Linden and Eric Haszlakiewicz; by Jason R. Thorpe
9 * of the Numerical Aerospace Simulation Facility, NASA Ames Research Center. 9 * of the Numerical Aerospace Simulation Facility, NASA Ames Research Center.
10 * 10 *
11 * Redistribution and use in source and binary forms, with or without 11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions 12 * modification, are permitted provided that the following conditions
13 * are met: 13 * are met:
14 * 1. Redistributions of source code must retain the above copyright 14 * 1. Redistributions of source code must retain the above copyright
@@ -47,27 +47,27 @@ @@ -47,27 +47,27 @@
47 * linux_sys_readdir : linux_misc_notalpha.c 47 * linux_sys_readdir : linux_misc_notalpha.c
48 * linux_sys_setresgid : linux_misc_notalpha.c 48 * linux_sys_setresgid : linux_misc_notalpha.c
49 * linux_sys_time : linux_misc_notalpha.c 49 * linux_sys_time : linux_misc_notalpha.c
50 * linux_sys_utime : linux_misc_notalpha.c 50 * linux_sys_utime : linux_misc_notalpha.c
51 * linux_sys_waitpid : linux_misc_notalpha.c 51 * linux_sys_waitpid : linux_misc_notalpha.c
52 * linux_sys_old_mmap : linux_oldmmap.c 52 * linux_sys_old_mmap : linux_oldmmap.c
53 * linux_sys_oldolduname : linux_oldolduname.c 53 * linux_sys_oldolduname : linux_oldolduname.c
54 * linux_sys_oldselect : linux_oldselect.c 54 * linux_sys_oldselect : linux_oldselect.c
55 * linux_sys_olduname : linux_olduname.c 55 * linux_sys_olduname : linux_olduname.c
56 * linux_sys_pipe : linux_pipe.c 56 * linux_sys_pipe : linux_pipe.c
57 */ 57 */
58 58
59#include <sys/cdefs.h> 59#include <sys/cdefs.h>
60__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.241 2019/08/23 06:47:58 maxv Exp $"); 60__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.242 2019/08/23 07:53:36 maxv Exp $");
61 61
62#include <sys/param.h> 62#include <sys/param.h>
63#include <sys/systm.h> 63#include <sys/systm.h>
64#include <sys/namei.h> 64#include <sys/namei.h>
65#include <sys/proc.h> 65#include <sys/proc.h>
66#include <sys/dirent.h> 66#include <sys/dirent.h>
67#include <sys/file.h> 67#include <sys/file.h>
68#include <sys/stat.h> 68#include <sys/stat.h>
69#include <sys/filedesc.h> 69#include <sys/filedesc.h>
70#include <sys/ioctl.h> 70#include <sys/ioctl.h>
71#include <sys/kernel.h> 71#include <sys/kernel.h>
72#include <sys/malloc.h> 72#include <sys/malloc.h>
73#include <sys/mbuf.h> 73#include <sys/mbuf.h>
@@ -762,26 +762,27 @@ again: @@ -762,26 +762,27 @@ again:
762 continue; 762 continue;
763 } 763 }
764 linux_reclen = LINUX_RECLEN(&idb, bdp->d_namlen); 764 linux_reclen = LINUX_RECLEN(&idb, bdp->d_namlen);
765 if (reclen > len || resid < linux_reclen) { 765 if (reclen > len || resid < linux_reclen) {
766 /* entry too big for buffer, so just stop */ 766 /* entry too big for buffer, so just stop */
767 outp++; 767 outp++;
768 break; 768 break;
769 } 769 }
770 /* 770 /*
771 * Massage in place to make a Linux-shaped dirent (otherwise 771 * Massage in place to make a Linux-shaped dirent (otherwise
772 * we have to worry about touching user memory outside of 772 * we have to worry about touching user memory outside of
773 * the copyout() call). 773 * the copyout() call).
774 */ 774 */
 775 memset(&idb, 0, sizeof(idb));
775 idb.d_ino = bdp->d_fileno; 776 idb.d_ino = bdp->d_fileno;
776 /* 777 /*
777 * The old readdir() call misuses the offset and reclen fields. 778 * The old readdir() call misuses the offset and reclen fields.
778 */ 779 */
779 if (oldcall) { 780 if (oldcall) {
780 idb.d_off = (linux_off_t)linux_reclen; 781 idb.d_off = (linux_off_t)linux_reclen;
781 idb.d_reclen = (u_short)bdp->d_namlen; 782 idb.d_reclen = (u_short)bdp->d_namlen;
782 } else { 783 } else {
783 if (sizeof (idb.d_off) <= 4 && (off >> 32) != 0) { 784 if (sizeof (idb.d_off) <= 4 && (off >> 32) != 0) {
784 compat_offseterr(vp, "linux_getdents"); 785 compat_offseterr(vp, "linux_getdents");
785 error = EINVAL; 786 error = EINVAL;
786 goto out; 787 goto out;
787 } 788 }
cvs diff -r1.19 -r1.20 src/sys/compat/linux32/common/linux32_dirent.c (expand / switch to unified diff)

--- src/sys/compat/linux32/common/linux32_dirent.c 2018/09/03 16:29:29 1.19
+++ src/sys/compat/linux32/common/linux32_dirent.c 2019/08/23 07:53:36 1.20
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: linux32_dirent.c,v 1.19 2018/09/03 16:29:29 riastradh Exp $ */ 1/* $NetBSD: linux32_dirent.c,v 1.20 2019/08/23 07:53:36 maxv Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved. 4 * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions 7 * modification, are permitted provided that the following conditions
8 * are met: 8 * are met:
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright 11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the 12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution. 13 * documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software 14 * 3. All advertising materials mentioning features or use of this software
@@ -23,27 +23,27 @@ @@ -23,27 +23,27 @@
23 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS  24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 * POSSIBILITY OF SUCH DAMAGE. 31 * POSSIBILITY OF SUCH DAMAGE.
32 */ 32 */
33 33
34#include <sys/cdefs.h> 34#include <sys/cdefs.h>
35 35
36__KERNEL_RCSID(0, "$NetBSD: linux32_dirent.c,v 1.19 2018/09/03 16:29:29 riastradh Exp $"); 36__KERNEL_RCSID(0, "$NetBSD: linux32_dirent.c,v 1.20 2019/08/23 07:53:36 maxv Exp $");
37 37
38#include <sys/types.h> 38#include <sys/types.h>
39#include <sys/param.h> 39#include <sys/param.h>
40#include <sys/fstypes.h> 40#include <sys/fstypes.h>
41#include <sys/signal.h> 41#include <sys/signal.h>
42#include <sys/dirent.h> 42#include <sys/dirent.h>
43#include <sys/kernel.h> 43#include <sys/kernel.h>
44#include <sys/fcntl.h> 44#include <sys/fcntl.h>
45#include <sys/file.h> 45#include <sys/file.h>
46#include <sys/filedesc.h> 46#include <sys/filedesc.h>
47#include <sys/malloc.h> 47#include <sys/malloc.h>
48#include <sys/select.h> 48#include <sys/select.h>
49#include <sys/proc.h> 49#include <sys/proc.h>
@@ -191,26 +191,27 @@ again: @@ -191,26 +191,27 @@ again:
191 continue; 191 continue;
192 } 192 }
193 linux32_reclen = LINUX_RECLEN(&idb, bdp->d_namlen); 193 linux32_reclen = LINUX_RECLEN(&idb, bdp->d_namlen);
194 if (reclen > len || resid < linux32_reclen) { 194 if (reclen > len || resid < linux32_reclen) {
195 /* entry too big for buffer, so just stop */ 195 /* entry too big for buffer, so just stop */
196 outp++; 196 outp++;
197 break; 197 break;
198 } 198 }
199 /* 199 /*
200 * Massage in place to make a Linux-shaped dirent (otherwise 200 * Massage in place to make a Linux-shaped dirent (otherwise
201 * we have to worry about touching user memory outside of 201 * we have to worry about touching user memory outside of
202 * the copyout() call). 202 * the copyout() call).
203 */ 203 */
 204 memset(&idb, 0, sizeof(idb));
204 idb.d_ino = bdp->d_fileno; 205 idb.d_ino = bdp->d_fileno;
205 /* 206 /*
206 * The old readdir() call misuses the offset and reclen fields. 207 * The old readdir() call misuses the offset and reclen fields.
207 */ 208 */
208 if (oldcall) { 209 if (oldcall) {
209 idb.d_off = (linux32_off_t)linux32_reclen; 210 idb.d_off = (linux32_off_t)linux32_reclen;
210 idb.d_reclen = (u_short)bdp->d_namlen; 211 idb.d_reclen = (u_short)bdp->d_namlen;
211 } else { 212 } else {
212 if (sizeof (idb.d_off) <= 4 && (off >> 32) != 0) { 213 if (sizeof (idb.d_off) <= 4 && (off >> 32) != 0) {
213 compat_offseterr(vp, "linux32_getdents"); 214 compat_offseterr(vp, "linux32_getdents");
214 error = EINVAL; 215 error = EINVAL;
215 goto out; 216 goto out;
216 } 217 }