Pull up following revision(s) (requested by riastradh in ticket #1833): sys/compat/netbsd32/netbsd32_netbsd.c: revision 1.232 sys/compat/netbsd32/netbsd32_socket.c: revision 1.56 sys/compat/netbsd32/netbsd32_conv.h: revision 1.45 sys/compat/netbsd32/netbsd32_fs.c: revision 1.92 sys/compat/netbsd32/netbsd32.h: revision 1.137 The read/write/send/recv system calls return ssize_t because -1 is returned on error. Therefore we must restrict the lengths of any buffers to NETBSD32_SSIZE_MAX with compat32 to avoid garbage return values. Fixes ATF lib/libc/sys/t_write:write_err.diff -r1.114.8.3 -r1.114.8.4 src/sys/compat/netbsd32/netbsd32.h
(martin)
--- src/sys/compat/netbsd32/netbsd32.h 2018/08/25 11:13:05 1.114.8.3
+++ src/sys/compat/netbsd32/netbsd32.h 2023/06/21 20:38:35 1.114.8.4
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: netbsd32.h,v 1.114.8.3 2018/08/25 11:13:05 martin Exp $ */ | 1 | /* $NetBSD: netbsd32.h,v 1.114.8.4 2023/06/21 20:38:35 martin Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1998, 2001, 2008, 2015 Matthew R. Green | 4 | * Copyright (c) 1998, 2001, 2008, 2015 Matthew R. Green | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -44,41 +44,44 @@ | @@ -44,41 +44,44 @@ | |||
44 | #include <sys/syscallargs.h> | 44 | #include <sys/syscallargs.h> | |
45 | #include <sys/ipc.h> | 45 | #include <sys/ipc.h> | |
46 | #include <sys/shm.h> | 46 | #include <sys/shm.h> | |
47 | #include <sys/ucontext.h> | 47 | #include <sys/ucontext.h> | |
48 | #include <sys/ucred.h> | 48 | #include <sys/ucred.h> | |
49 | #include <compat/sys/ucontext.h> | 49 | #include <compat/sys/ucontext.h> | |
50 | #include <compat/sys/mount.h> | 50 | #include <compat/sys/mount.h> | |
51 | #include <compat/sys/signal.h> | 51 | #include <compat/sys/signal.h> | |
52 | #include <compat/sys/siginfo.h> | 52 | #include <compat/sys/siginfo.h> | |
53 | 53 | |||
54 | #include <nfs/rpcv2.h> | 54 | #include <nfs/rpcv2.h> | |
55 | 55 | |||
56 | /* | 56 | /* | |
57 | * first, define the basic types we need. | 57 | * first define the basic types we need, and any applicable limits. | |
58 | */ | 58 | */ | |
59 | 59 | |||
60 | typedef int32_t netbsd32_long; | 60 | typedef int32_t netbsd32_long; | |
61 | typedef uint32_t netbsd32_u_long; | 61 | typedef uint32_t netbsd32_u_long; | |
62 | typedef int64_t netbsd32_quad; | 62 | typedef int64_t netbsd32_quad; | |
63 | 63 | |||
64 | typedef uint32_t netbsd32_clock_t; | 64 | typedef uint32_t netbsd32_clock_t; | |
65 | typedef uint32_t netbsd32_size_t; | 65 | typedef uint32_t netbsd32_size_t; | |
66 | typedef int32_t netbsd32_ssize_t; | 66 | typedef int32_t netbsd32_ssize_t; | |
67 | typedef int32_t netbsd32_clockid_t; | 67 | typedef int32_t netbsd32_clockid_t; | |
68 | typedef int32_t netbsd32_key_t; | 68 | typedef int32_t netbsd32_key_t; | |
69 | typedef int32_t netbsd32_intptr_t; | 69 | typedef int32_t netbsd32_intptr_t; | |
70 | typedef uint32_t netbsd32_uintptr_t; | 70 | typedef uint32_t netbsd32_uintptr_t; | |
71 | 71 | |||
72 | /* Note: 32-bit sparc defines ssize_t as long but still has same size as int. */ | |||
73 | #define NETBSD32_SSIZE_MAX INT32_MAX | |||
74 | ||||
72 | /* netbsd32_[u]int64 are machine dependent and defined below */ | 75 | /* netbsd32_[u]int64 are machine dependent and defined below */ | |
73 | 76 | |||
74 | /* | 77 | /* | |
75 | * machine dependant section; must define: | 78 | * machine dependant section; must define: | |
76 | * netbsd32_pointer_t | 79 | * netbsd32_pointer_t | |
77 | * - 32-bit pointer type, normally uint32_t but can be int32_t | 80 | * - 32-bit pointer type, normally uint32_t but can be int32_t | |
78 | * for platforms which rely on sign-extension of pointers | 81 | * for platforms which rely on sign-extension of pointers | |
79 | * such as SH-5. | 82 | * such as SH-5. | |
80 | * NETBSD32PTR64(p32) | 83 | * NETBSD32PTR64(p32) | |
81 | * - Translate a 32-bit pointer into something valid in a | 84 | * - Translate a 32-bit pointer into something valid in a | |
82 | * 64-bit context. | 85 | * 64-bit context. | |
83 | * struct netbsd32_sigcontext | 86 | * struct netbsd32_sigcontext | |
84 | * - 32bit compatibility sigcontext structure for this arch. | 87 | * - 32bit compatibility sigcontext structure for this arch. |
--- src/sys/compat/netbsd32/netbsd32_conv.h 2019/02/23 06:58:14 1.31.8.3
+++ src/sys/compat/netbsd32/netbsd32_conv.h 2023/06/21 20:38:35 1.31.8.4
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: netbsd32_conv.h,v 1.31.8.3 2019/02/23 06:58:14 martin Exp $ */ | 1 | /* $NetBSD: netbsd32_conv.h,v 1.31.8.4 2023/06/21 20:38:35 martin Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1998, 2001 Matthew R. Green | 4 | * Copyright (c) 1998, 2001 Matthew R. Green | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -241,40 +241,55 @@ netbsd32_from_rusage50(const struct rusa | @@ -241,40 +241,55 @@ netbsd32_from_rusage50(const struct rusa | |||
241 | C(ru_msgrcv); | 241 | C(ru_msgrcv); | |
242 | C(ru_nsignals); | 242 | C(ru_nsignals); | |
243 | C(ru_nvcsw); | 243 | C(ru_nvcsw); | |
244 | C(ru_nivcsw); | 244 | C(ru_nivcsw); | |
245 | #undef C | 245 | #undef C | |
246 | } | 246 | } | |
247 | 247 | |||
248 | static __inline int | 248 | static __inline int | |
249 | netbsd32_to_iovecin(const struct netbsd32_iovec *iov32p, struct iovec *iovp, | 249 | netbsd32_to_iovecin(const struct netbsd32_iovec *iov32p, struct iovec *iovp, | |
250 | int len) | 250 | int len) | |
251 | { | 251 | { | |
252 | int i, error=0; | 252 | int i, error=0; | |
253 | u_int32_t iov_base; | 253 | u_int32_t iov_base; | |
254 | u_int32_t iov_len; | 254 | u_int32_t iov_len, total_iov_len; | |
255 | ||||
255 | /* | 256 | /* | |
256 | * We could allocate an iov32p, do a copyin, and translate | 257 | * We could allocate an iov32p, do a copyin, and translate | |
257 | * each field and then free it all up, or we could copyin | 258 | * each field and then free it all up, or we could copyin | |
258 | * each field separately. I'm doing the latter to reduce | 259 | * each field separately. I'm doing the latter to reduce | |
259 | * the number of MALLOC()s. | 260 | * the number of MALLOC()s. | |
260 | */ | 261 | */ | |
262 | total_iov_len = 0; | |||
261 | for (i = 0; i < len; i++, iovp++, iov32p++) { | 263 | for (i = 0; i < len; i++, iovp++, iov32p++) { | |
262 | if ((error = copyin(&iov32p->iov_base, &iov_base, sizeof(iov_base)))) | 264 | if ((error = copyin(&iov32p->iov_base, &iov_base, sizeof(iov_base)))) | |
263 | return (error); | 265 | return (error); | |
264 | if ((error = copyin(&iov32p->iov_len, &iov_len, sizeof(iov_len)))) | 266 | if ((error = copyin(&iov32p->iov_len, &iov_len, sizeof(iov_len)))) | |
265 | return (error); | 267 | return (error); | |
266 | iovp->iov_base = (void *)(u_long)iov_base; | 268 | iovp->iov_base = (void *)(u_long)iov_base; | |
267 | iovp->iov_len = (size_t)iov_len; | 269 | iovp->iov_len = (size_t)iov_len; | |
270 | ||||
271 | /* | |||
272 | * System calls return ssize_t because -1 is returned | |||
273 | * on error. Therefore we must restrict the length to | |||
274 | * SSIZE_MAX (NETBSD32_SSIZE_MAX with compat32) to | |||
275 | * avoid garbage return values. | |||
276 | */ | |||
277 | total_iov_len += iov_len; | |||
278 | if (iov_len > NETBSD32_SSIZE_MAX || | |||
279 | total_iov_len > NETBSD32_SSIZE_MAX) { | |||
280 | return EINVAL; | |||
281 | break; | |||
282 | } | |||
268 | } | 283 | } | |
269 | return error; | 284 | return error; | |
270 | } | 285 | } | |
271 | 286 | |||
272 | /* msg_iov must be done separately */ | 287 | /* msg_iov must be done separately */ | |
273 | static __inline void | 288 | static __inline void | |
274 | netbsd32_to_msghdr(const struct netbsd32_msghdr *mhp32, struct msghdr *mhp) | 289 | netbsd32_to_msghdr(const struct netbsd32_msghdr *mhp32, struct msghdr *mhp) | |
275 | { | 290 | { | |
276 | 291 | |||
277 | mhp->msg_name = NETBSD32PTR64(mhp32->msg_name); | 292 | mhp->msg_name = NETBSD32PTR64(mhp32->msg_name); | |
278 | mhp->msg_namelen = mhp32->msg_namelen; | 293 | mhp->msg_namelen = mhp32->msg_namelen; | |
279 | mhp->msg_iovlen = (size_t)mhp32->msg_iovlen; | 294 | mhp->msg_iovlen = (size_t)mhp32->msg_iovlen; | |
280 | mhp->msg_control = NETBSD32PTR64(mhp32->msg_control); | 295 | mhp->msg_control = NETBSD32PTR64(mhp32->msg_control); |
--- src/sys/compat/netbsd32/netbsd32_fs.c 2018/08/25 11:13:05 1.80.2.1
+++ src/sys/compat/netbsd32/netbsd32_fs.c 2023/06/21 20:38:35 1.80.2.2
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: netbsd32_fs.c,v 1.80.2.1 2018/08/25 11:13:05 martin Exp $ */ | 1 | /* $NetBSD: netbsd32_fs.c,v 1.80.2.2 2023/06/21 20:38:35 martin Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1998, 2001 Matthew R. Green | 4 | * Copyright (c) 1998, 2001 Matthew R. Green | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -17,27 +17,27 @@ | @@ -17,27 +17,27 @@ | |||
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | 22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | 23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
26 | * SUCH DAMAGE. | 26 | * SUCH DAMAGE. | |
27 | */ | 27 | */ | |
28 | 28 | |||
29 | #include <sys/cdefs.h> | 29 | #include <sys/cdefs.h> | |
30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_fs.c,v 1.80.2.1 2018/08/25 11:13:05 martin Exp $"); | 30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_fs.c,v 1.80.2.2 2023/06/21 20:38:35 martin Exp $"); | |
31 | 31 | |||
32 | #include <sys/param.h> | 32 | #include <sys/param.h> | |
33 | #include <sys/systm.h> | 33 | #include <sys/systm.h> | |
34 | #include <sys/mount.h> | 34 | #include <sys/mount.h> | |
35 | #include <sys/socket.h> | 35 | #include <sys/socket.h> | |
36 | #include <sys/socketvar.h> | 36 | #include <sys/socketvar.h> | |
37 | #include <sys/stat.h> | 37 | #include <sys/stat.h> | |
38 | #include <sys/time.h> | 38 | #include <sys/time.h> | |
39 | #include <sys/ktrace.h> | 39 | #include <sys/ktrace.h> | |
40 | #include <sys/resourcevar.h> | 40 | #include <sys/resourcevar.h> | |
41 | #include <sys/vnode.h> | 41 | #include <sys/vnode.h> | |
42 | #include <sys/file.h> | 42 | #include <sys/file.h> | |
43 | #include <sys/filedesc.h> | 43 | #include <sys/filedesc.h> | |
@@ -165,27 +165,28 @@ dofilereadv32(int fd, struct file *fp, s | @@ -165,27 +165,28 @@ dofilereadv32(int fd, struct file *fp, s | |||
165 | auio.uio_rw = UIO_READ; | 165 | auio.uio_rw = UIO_READ; | |
166 | auio.uio_vmspace = curproc->p_vmspace; | 166 | auio.uio_vmspace = curproc->p_vmspace; | |
167 | error = netbsd32_to_iovecin(iovp, iov, iovcnt); | 167 | error = netbsd32_to_iovecin(iovp, iov, iovcnt); | |
168 | if (error) | 168 | if (error) | |
169 | goto done; | 169 | goto done; | |
170 | auio.uio_resid = 0; | 170 | auio.uio_resid = 0; | |
171 | for (i = 0; i < iovcnt; i++) { | 171 | for (i = 0; i < iovcnt; i++) { | |
172 | auio.uio_resid += iov->iov_len; | 172 | auio.uio_resid += iov->iov_len; | |
173 | /* | 173 | /* | |
174 | * Reads return ssize_t because -1 is returned on error. | 174 | * Reads return ssize_t because -1 is returned on error. | |
175 | * Therefore we must restrict the length to SSIZE_MAX to | 175 | * Therefore we must restrict the length to SSIZE_MAX to | |
176 | * avoid garbage return values. | 176 | * avoid garbage return values. | |
177 | */ | 177 | */ | |
178 | if (iov->iov_len > SSIZE_MAX || auio.uio_resid > SSIZE_MAX) { | 178 | if (iov->iov_len > NETBSD32_SSIZE_MAX || | |
179 | auio.uio_resid > NETBSD32_SSIZE_MAX) { | |||
179 | error = EINVAL; | 180 | error = EINVAL; | |
180 | goto done; | 181 | goto done; | |
181 | } | 182 | } | |
182 | iov++; | 183 | iov++; | |
183 | } | 184 | } | |
184 | 185 | |||
185 | /* | 186 | /* | |
186 | * if tracing, save a copy of iovec | 187 | * if tracing, save a copy of iovec | |
187 | */ | 188 | */ | |
188 | if (ktrpoint(KTR_GENIO)) { | 189 | if (ktrpoint(KTR_GENIO)) { | |
189 | ktriov = kmem_alloc(iovlen, KM_SLEEP); | 190 | ktriov = kmem_alloc(iovlen, KM_SLEEP); | |
190 | memcpy((void *)ktriov, (void *)auio.uio_iov, iovlen); | 191 | memcpy((void *)ktriov, (void *)auio.uio_iov, iovlen); | |
191 | } | 192 | } | |
@@ -269,27 +270,28 @@ dofilewritev32(int fd, struct file *fp, | @@ -269,27 +270,28 @@ dofilewritev32(int fd, struct file *fp, | |||
269 | auio.uio_rw = UIO_WRITE; | 270 | auio.uio_rw = UIO_WRITE; | |
270 | auio.uio_vmspace = curproc->p_vmspace; | 271 | auio.uio_vmspace = curproc->p_vmspace; | |
271 | error = netbsd32_to_iovecin(iovp, iov, iovcnt); | 272 | error = netbsd32_to_iovecin(iovp, iov, iovcnt); | |
272 | if (error) | 273 | if (error) | |
273 | goto done; | 274 | goto done; | |
274 | auio.uio_resid = 0; | 275 | auio.uio_resid = 0; | |
275 | for (i = 0; i < iovcnt; i++) { | 276 | for (i = 0; i < iovcnt; i++) { | |
276 | auio.uio_resid += iov->iov_len; | 277 | auio.uio_resid += iov->iov_len; | |
277 | /* | 278 | /* | |
278 | * Writes return ssize_t because -1 is returned on error. | 279 | * Writes return ssize_t because -1 is returned on error. | |
279 | * Therefore we must restrict the length to SSIZE_MAX to | 280 | * Therefore we must restrict the length to SSIZE_MAX to | |
280 | * avoid garbage return values. | 281 | * avoid garbage return values. | |
281 | */ | 282 | */ | |
282 | if (iov->iov_len > SSIZE_MAX || auio.uio_resid > SSIZE_MAX) { | 283 | if (iov->iov_len > NETBSD32_SSIZE_MAX || | |
284 | auio.uio_resid > NETBSD32_SSIZE_MAX) { | |||
283 | error = EINVAL; | 285 | error = EINVAL; | |
284 | goto done; | 286 | goto done; | |
285 | } | 287 | } | |
286 | iov++; | 288 | iov++; | |
287 | } | 289 | } | |
288 | 290 | |||
289 | /* | 291 | /* | |
290 | * if tracing, save a copy of iovec | 292 | * if tracing, save a copy of iovec | |
291 | */ | 293 | */ | |
292 | if (ktrpoint(KTR_GENIO)) { | 294 | if (ktrpoint(KTR_GENIO)) { | |
293 | ktriov = kmem_alloc(iovlen, KM_SLEEP); | 295 | ktriov = kmem_alloc(iovlen, KM_SLEEP); | |
294 | memcpy((void *)ktriov, (void *)auio.uio_iov, iovlen); | 296 | memcpy((void *)ktriov, (void *)auio.uio_iov, iovlen); | |
295 | } | 297 | } |
--- src/sys/compat/netbsd32/netbsd32_netbsd.c 2018/12/27 12:04:09 1.206.2.2
+++ src/sys/compat/netbsd32/netbsd32_netbsd.c 2023/06/21 20:38:35 1.206.2.3
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: netbsd32_netbsd.c,v 1.206.2.2 2018/12/27 12:04:09 martin Exp $ */ | 1 | /* $NetBSD: netbsd32_netbsd.c,v 1.206.2.3 2023/06/21 20:38:35 martin Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1998, 2001, 2008 Matthew R. Green | 4 | * Copyright (c) 1998, 2001, 2008 Matthew R. Green | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -17,27 +17,27 @@ | @@ -17,27 +17,27 @@ | |||
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | 22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | 23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
26 | * SUCH DAMAGE. | 26 | * SUCH DAMAGE. | |
27 | */ | 27 | */ | |
28 | 28 | |||
29 | #include <sys/cdefs.h> | 29 | #include <sys/cdefs.h> | |
30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.206.2.2 2018/12/27 12:04:09 martin Exp $"); | 30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.206.2.3 2023/06/21 20:38:35 martin Exp $"); | |
31 | 31 | |||
32 | #if defined(_KERNEL_OPT) | 32 | #if defined(_KERNEL_OPT) | |
33 | #include "opt_ddb.h" | 33 | #include "opt_ddb.h" | |
34 | #include "opt_ntp.h" | 34 | #include "opt_ntp.h" | |
35 | #include "opt_ktrace.h" | 35 | #include "opt_ktrace.h" | |
36 | #include "opt_compat_netbsd.h" | 36 | #include "opt_compat_netbsd.h" | |
37 | #include "opt_compat_43.h" | 37 | #include "opt_compat_43.h" | |
38 | #include "opt_sysv.h" | 38 | #include "opt_sysv.h" | |
39 | #include "opt_syscall_debug.h" | 39 | #include "opt_syscall_debug.h" | |
40 | #endif | 40 | #endif | |
41 | 41 | |||
42 | /* | 42 | /* | |
43 | * Though COMPAT_OLDSOCK is needed only for COMPAT_43, SunOS, Linux, | 43 | * Though COMPAT_OLDSOCK is needed only for COMPAT_43, SunOS, Linux, | |
@@ -188,42 +188,48 @@ netbsd32_exit(struct lwp *l, const struc | @@ -188,42 +188,48 @@ netbsd32_exit(struct lwp *l, const struc | |||
188 | return sys_exit(l, &ua, retval); | 188 | return sys_exit(l, &ua, retval); | |
189 | } | 189 | } | |
190 | 190 | |||
191 | int | 191 | int | |
192 | netbsd32_read(struct lwp *l, const struct netbsd32_read_args *uap, register_t *retval) | 192 | netbsd32_read(struct lwp *l, const struct netbsd32_read_args *uap, register_t *retval) | |
193 | { | 193 | { | |
194 | /* { | 194 | /* { | |
195 | syscallarg(int) fd; | 195 | syscallarg(int) fd; | |
196 | syscallarg(netbsd32_voidp) buf; | 196 | syscallarg(netbsd32_voidp) buf; | |
197 | syscallarg(netbsd32_size_t) nbyte; | 197 | syscallarg(netbsd32_size_t) nbyte; | |
198 | } */ | 198 | } */ | |
199 | struct sys_read_args ua; | 199 | struct sys_read_args ua; | |
200 | 200 | |||
201 | if (SCARG(uap, nbyte) > NETBSD32_SSIZE_MAX) | |||
202 | return EINVAL; | |||
203 | ||||
201 | NETBSD32TO64_UAP(fd); | 204 | NETBSD32TO64_UAP(fd); | |
202 | NETBSD32TOP_UAP(buf, void *); | 205 | NETBSD32TOP_UAP(buf, void *); | |
203 | NETBSD32TOX_UAP(nbyte, size_t); | 206 | NETBSD32TOX_UAP(nbyte, size_t); | |
204 | return sys_read(l, &ua, retval); | 207 | return sys_read(l, &ua, retval); | |
205 | } | 208 | } | |
206 | 209 | |||
207 | int | 210 | int | |
208 | netbsd32_write(struct lwp *l, const struct netbsd32_write_args *uap, register_t *retval) | 211 | netbsd32_write(struct lwp *l, const struct netbsd32_write_args *uap, register_t *retval) | |
209 | { | 212 | { | |
210 | /* { | 213 | /* { | |
211 | syscallarg(int) fd; | 214 | syscallarg(int) fd; | |
212 | syscallarg(const netbsd32_voidp) buf; | 215 | syscallarg(const netbsd32_voidp) buf; | |
213 | syscallarg(netbsd32_size_t) nbyte; | 216 | syscallarg(netbsd32_size_t) nbyte; | |
214 | } */ | 217 | } */ | |
215 | struct sys_write_args ua; | 218 | struct sys_write_args ua; | |
216 | 219 | |||
220 | if (SCARG(uap, nbyte) > NETBSD32_SSIZE_MAX) | |||
221 | return EINVAL; | |||
222 | ||||
217 | NETBSD32TO64_UAP(fd); | 223 | NETBSD32TO64_UAP(fd); | |
218 | NETBSD32TOP_UAP(buf, void *); | 224 | NETBSD32TOP_UAP(buf, void *); | |
219 | NETBSD32TOX_UAP(nbyte, size_t); | 225 | NETBSD32TOX_UAP(nbyte, size_t); | |
220 | return sys_write(l, &ua, retval); | 226 | return sys_write(l, &ua, retval); | |
221 | } | 227 | } | |
222 | 228 | |||
223 | int | 229 | int | |
224 | netbsd32_close(struct lwp *l, const struct netbsd32_close_args *uap, register_t *retval) | 230 | netbsd32_close(struct lwp *l, const struct netbsd32_close_args *uap, register_t *retval) | |
225 | { | 231 | { | |
226 | /* { | 232 | /* { | |
227 | syscallarg(int) fd; | 233 | syscallarg(int) fd; | |
228 | } */ | 234 | } */ | |
229 | struct sys_close_args ua; | 235 | struct sys_close_args ua; | |
@@ -1331,46 +1337,52 @@ out: | @@ -1331,46 +1337,52 @@ out: | |||
1331 | 1337 | |||
1332 | int | 1338 | int | |
1333 | netbsd32_pread(struct lwp *l, const struct netbsd32_pread_args *uap, register_t *retval) | 1339 | netbsd32_pread(struct lwp *l, const struct netbsd32_pread_args *uap, register_t *retval) | |
1334 | { | 1340 | { | |
1335 | /* { | 1341 | /* { | |
1336 | syscallarg(int) fd; | 1342 | syscallarg(int) fd; | |
1337 | syscallarg(netbsd32_voidp) buf; | 1343 | syscallarg(netbsd32_voidp) buf; | |
1338 | syscallarg(netbsd32_size_t) nbyte; | 1344 | syscallarg(netbsd32_size_t) nbyte; | |
1339 | syscallarg(int) PAD; | 1345 | syscallarg(int) PAD; | |
1340 | syscallarg(netbsd32_off_t) offset; | 1346 | syscallarg(netbsd32_off_t) offset; | |
1341 | } */ | 1347 | } */ | |
1342 | struct sys_pread_args ua; | 1348 | struct sys_pread_args ua; | |
1343 | 1349 | |||
1350 | if (SCARG(uap, nbyte) > NETBSD32_SSIZE_MAX) | |||
1351 | return EINVAL; | |||
1352 | ||||
1344 | NETBSD32TO64_UAP(fd); | 1353 | NETBSD32TO64_UAP(fd); | |
1345 | NETBSD32TOP_UAP(buf, void); | 1354 | NETBSD32TOP_UAP(buf, void); | |
1346 | NETBSD32TOX_UAP(nbyte, size_t); | 1355 | NETBSD32TOX_UAP(nbyte, size_t); | |
1347 | NETBSD32TO64_UAP(PAD); | 1356 | NETBSD32TO64_UAP(PAD); | |
1348 | NETBSD32TO64_UAP(offset); | 1357 | NETBSD32TO64_UAP(offset); | |
1349 | return sys_pread(l, &ua, retval); | 1358 | return sys_pread(l, &ua, retval); | |
1350 | } | 1359 | } | |
1351 | 1360 | |||
1352 | int | 1361 | int | |
1353 | netbsd32_pwrite(struct lwp *l, const struct netbsd32_pwrite_args *uap, register_t *retval) | 1362 | netbsd32_pwrite(struct lwp *l, const struct netbsd32_pwrite_args *uap, register_t *retval) | |
1354 | { | 1363 | { | |
1355 | /* { | 1364 | /* { | |
1356 | syscallarg(int) fd; | 1365 | syscallarg(int) fd; | |
1357 | syscallarg(const netbsd32_voidp) buf; | 1366 | syscallarg(const netbsd32_voidp) buf; | |
1358 | syscallarg(netbsd32_size_t) nbyte; | 1367 | syscallarg(netbsd32_size_t) nbyte; | |
1359 | syscallarg(int) PAD; | 1368 | syscallarg(int) PAD; | |
1360 | syscallarg(netbsd32_off_t) offset; | 1369 | syscallarg(netbsd32_off_t) offset; | |
1361 | } */ | 1370 | } */ | |
1362 | struct sys_pwrite_args ua; | 1371 | struct sys_pwrite_args ua; | |
1363 | 1372 | |||
1373 | if (SCARG(uap, nbyte) > NETBSD32_SSIZE_MAX) | |||
1374 | return EINVAL; | |||
1375 | ||||
1364 | NETBSD32TO64_UAP(fd); | 1376 | NETBSD32TO64_UAP(fd); | |
1365 | NETBSD32TOP_UAP(buf, void); | 1377 | NETBSD32TOP_UAP(buf, void); | |
1366 | NETBSD32TOX_UAP(nbyte, size_t); | 1378 | NETBSD32TOX_UAP(nbyte, size_t); | |
1367 | NETBSD32TO64_UAP(PAD); | 1379 | NETBSD32TO64_UAP(PAD); | |
1368 | NETBSD32TO64_UAP(offset); | 1380 | NETBSD32TO64_UAP(offset); | |
1369 | return sys_pwrite(l, &ua, retval); | 1381 | return sys_pwrite(l, &ua, retval); | |
1370 | } | 1382 | } | |
1371 | 1383 | |||
1372 | int | 1384 | int | |
1373 | netbsd32_setgid(struct lwp *l, const struct netbsd32_setgid_args *uap, register_t *retval) | 1385 | netbsd32_setgid(struct lwp *l, const struct netbsd32_setgid_args *uap, register_t *retval) | |
1374 | { | 1386 | { | |
1375 | /* { | 1387 | /* { | |
1376 | syscallarg(gid_t) gid; | 1388 | syscallarg(gid_t) gid; |
--- src/sys/compat/netbsd32/netbsd32_socket.c 2018/11/13 16:55:22 1.44.8.1
+++ src/sys/compat/netbsd32/netbsd32_socket.c 2023/06/21 20:38:35 1.44.8.2
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: netbsd32_socket.c,v 1.44.8.1 2018/11/13 16:55:22 snj Exp $ */ | 1 | /* $NetBSD: netbsd32_socket.c,v 1.44.8.2 2023/06/21 20:38:35 martin Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1998, 2001 Matthew R. Green | 4 | * Copyright (c) 1998, 2001 Matthew R. Green | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -17,27 +17,27 @@ | @@ -17,27 +17,27 @@ | |||
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 21 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | 22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | 23 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 24 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
26 | * SUCH DAMAGE. | 26 | * SUCH DAMAGE. | |
27 | */ | 27 | */ | |
28 | 28 | |||
29 | #include <sys/cdefs.h> | 29 | #include <sys/cdefs.h> | |
30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_socket.c,v 1.44.8.1 2018/11/13 16:55:22 snj Exp $"); | 30 | __KERNEL_RCSID(0, "$NetBSD: netbsd32_socket.c,v 1.44.8.2 2023/06/21 20:38:35 martin Exp $"); | |
31 | 31 | |||
32 | #include <sys/param.h> | 32 | #include <sys/param.h> | |
33 | #include <sys/systm.h> | 33 | #include <sys/systm.h> | |
34 | #define msg __msg /* Don't ask me! */ | 34 | #define msg __msg /* Don't ask me! */ | |
35 | #include <sys/mount.h> | 35 | #include <sys/mount.h> | |
36 | #include <sys/socket.h> | 36 | #include <sys/socket.h> | |
37 | #include <sys/sockio.h> | 37 | #include <sys/sockio.h> | |
38 | #include <sys/socketvar.h> | 38 | #include <sys/socketvar.h> | |
39 | #include <sys/mbuf.h> | 39 | #include <sys/mbuf.h> | |
40 | #include <sys/ktrace.h> | 40 | #include <sys/ktrace.h> | |
41 | #include <sys/file.h> | 41 | #include <sys/file.h> | |
42 | #include <sys/filedesc.h> | 42 | #include <sys/filedesc.h> | |
43 | #include <sys/syscallargs.h> | 43 | #include <sys/syscallargs.h> | |
@@ -389,26 +389,29 @@ netbsd32_recvfrom(struct lwp *l, const s | @@ -389,26 +389,29 @@ netbsd32_recvfrom(struct lwp *l, const s | |||
389 | /* { | 389 | /* { | |
390 | syscallarg(int) s; | 390 | syscallarg(int) s; | |
391 | syscallarg(netbsd32_voidp) buf; | 391 | syscallarg(netbsd32_voidp) buf; | |
392 | syscallarg(netbsd32_size_t) len; | 392 | syscallarg(netbsd32_size_t) len; | |
393 | syscallarg(int) flags; | 393 | syscallarg(int) flags; | |
394 | syscallarg(netbsd32_sockaddrp_t) from; | 394 | syscallarg(netbsd32_sockaddrp_t) from; | |
395 | syscallarg(netbsd32_intp) fromlenaddr; | 395 | syscallarg(netbsd32_intp) fromlenaddr; | |
396 | } */ | 396 | } */ | |
397 | struct msghdr msg; | 397 | struct msghdr msg; | |
398 | struct iovec aiov; | 398 | struct iovec aiov; | |
399 | int error; | 399 | int error; | |
400 | struct mbuf *from; | 400 | struct mbuf *from; | |
401 | 401 | |||
402 | if (SCARG(uap, len) > NETBSD32_SSIZE_MAX) | |||
403 | return EINVAL; | |||
404 | ||||
402 | msg.msg_name = NULL; | 405 | msg.msg_name = NULL; | |
403 | msg.msg_iov = &aiov; | 406 | msg.msg_iov = &aiov; | |
404 | msg.msg_iovlen = 1; | 407 | msg.msg_iovlen = 1; | |
405 | aiov.iov_base = SCARG_P32(uap, buf); | 408 | aiov.iov_base = SCARG_P32(uap, buf); | |
406 | aiov.iov_len = SCARG(uap, len); | 409 | aiov.iov_len = SCARG(uap, len); | |
407 | msg.msg_control = NULL; | 410 | msg.msg_control = NULL; | |
408 | msg.msg_flags = SCARG(uap, flags) & MSG_USERFLAGS; | 411 | msg.msg_flags = SCARG(uap, flags) & MSG_USERFLAGS; | |
409 | 412 | |||
410 | error = do_sys_recvmsg(l, SCARG(uap, s), &msg, NULL, ~0U, | 413 | error = do_sys_recvmsg(l, SCARG(uap, s), &msg, NULL, ~0U, | |
411 | &from, NULL, retval); | 414 | &from, NULL, retval); | |
412 | if (error != 0) | 415 | if (error != 0) | |
413 | return error; | 416 | return error; | |
414 | 417 | |||
@@ -423,24 +426,27 @@ int | @@ -423,24 +426,27 @@ int | |||
423 | netbsd32_sendto(struct lwp *l, const struct netbsd32_sendto_args *uap, register_t *retval) | 426 | netbsd32_sendto(struct lwp *l, const struct netbsd32_sendto_args *uap, register_t *retval) | |
424 | { | 427 | { | |
425 | /* { | 428 | /* { | |
426 | syscallarg(int) s; | 429 | syscallarg(int) s; | |
427 | syscallarg(const netbsd32_voidp) buf; | 430 | syscallarg(const netbsd32_voidp) buf; | |
428 | syscallarg(netbsd32_size_t) len; | 431 | syscallarg(netbsd32_size_t) len; | |
429 | syscallarg(int) flags; | 432 | syscallarg(int) flags; | |
430 | syscallarg(const netbsd32_sockaddrp_t) to; | 433 | syscallarg(const netbsd32_sockaddrp_t) to; | |
431 | syscallarg(int) tolen; | 434 | syscallarg(int) tolen; | |
432 | } */ | 435 | } */ | |
433 | struct msghdr msg; | 436 | struct msghdr msg; | |
434 | struct iovec aiov; | 437 | struct iovec aiov; | |
435 | 438 | |||
439 | if (SCARG(uap, len) > NETBSD32_SSIZE_MAX) | |||
440 | return EINVAL; | |||
441 | ||||
436 | msg.msg_name = SCARG_P32(uap, to); /* XXX kills const */ | 442 | msg.msg_name = SCARG_P32(uap, to); /* XXX kills const */ | |
437 | msg.msg_namelen = SCARG(uap, tolen); | 443 | msg.msg_namelen = SCARG(uap, tolen); | |
438 | msg.msg_iov = &aiov; | 444 | msg.msg_iov = &aiov; | |
439 | msg.msg_iovlen = 1; | 445 | msg.msg_iovlen = 1; | |
440 | msg.msg_control = 0; | 446 | msg.msg_control = 0; | |
441 | aiov.iov_base = SCARG_P32(uap, buf); /* XXX kills const */ | 447 | aiov.iov_base = SCARG_P32(uap, buf); /* XXX kills const */ | |
442 | aiov.iov_len = SCARG(uap, len); | 448 | aiov.iov_len = SCARG(uap, len); | |
443 | msg.msg_flags = 0; | 449 | msg.msg_flags = 0; | |
444 | return do_sys_sendmsg(l, SCARG(uap, s), &msg, SCARG(uap, flags), | 450 | return do_sys_sendmsg(l, SCARG(uap, s), &msg, SCARG(uap, flags), | |
445 | NULL, ~0U, retval); | 451 | NULL, ~0U, retval); | |
446 | } | 452 | } |