From owner-freebsd-hackers@FreeBSD.ORG Sun Sep 19 04:13:46 2004
Message-ID: <414D0776.9010805@elischer.org>
Date: Sat, 18 Sep 2004 21:13:42 -0700
From: Julian Elischer
To: Don Lewis
cc: freebsd-hackers@freebsd.org
cc: gerarra@tin.it
Subject: Re: FreeBSD Kernel buffer overflow
References: <200409181808.i8II8doH002297@gw.catspoiler.org>
In-Reply-To: <200409181808.i8II8doH002297@gw.catspoiler.org>
List-Id: Technical Discussions relating to FreeBSD

Don Lewis wrote:
> On 18 Sep, gerarra@tin.it wrote:
>
>>Here I report a patch different from Giorgos' one. The approach is completely
>>different: working on syscall_register() function in kern/kern_syscalls.c
>>file.
>>
>>==============================
>>
>>
>>>cat kern_syscalls.diff
>>
>>--- kern_syscalls.c Sat Sep 18 14:37:53 2004 >>+++ kern_syscalls2.c Sat Sep 18 14:37:53 2004
>>@@ -73,6 +73,11 @@ >> sysent[*offset].sy_call != (sy_call_t *)lkmressys) >> return EEXIST; >> >>+#if (__i386__) && (INVARIANTS) >>+ KASSERT(new_sysent->nargs >= 0 && new_sysent->nargs <= i386_SYS_ARGS, >>+ "invalid number of syscalls"); >>+#endif >>+ >> *old_sysent = sysent[*offset]; >> sysent[*offset] = *new_sysent; >> return 0;
>
>
> Why panic the machine at this point? Just refuse to install the syscall
> and return an error.

and the test for INVARIANTS is un-needed.
KASSERT only compiles to anything when INVARIANTS is defined.
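
Review bot: the added KASSERT on new_sysent->nargs exists only in i386 kernels built with INVARIANTS, so a production kernel still reaches `sysent[*offset] = *new_sysent;` with an unchecked argument count, while a debug kernel panics on what is simply a bad registration request. Make it an unconditional range check placed where the KASSERT is now, returning an error next to the existing `return EEXIST;` (EINVAL would be the natural choice), so the entry is never copied into the table. If an assertion is kept as well, note that FreeBSD's KASSERT takes its message as a parenthesized panic() argument list, i.e. `("...")`, which the bare string here is not, and that the text "invalid number of syscalls" describes the wrong thing, since the value tested is the number of arguments. The context line uses `sysent[*offset].sy_call`, so also confirm that the argument-count member is really spelled `nargs` rather than following the same `sy_` prefix.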