Date:      Mon, 27 Jan 1997 08:40:49 +0900 (JST)
From:      Michael Hancock <michaelh@cet.co.jp>
To:        Terry Lambert <terry@lambert.org>
Cc:        bde@freefall.freebsd.org, FreeBSD Hackers <Hackers@FreeBSD.ORG>
Subject:   Re: cvs commit:  src/sys/kern kern_lockf.c
Message-ID:  <Pine.SV4.3.95.970127082834.25160B-100000@parkplace.cet.co.jp>
In-Reply-To: <199701262024.NAA02217@phaeton.artisoft.com>

On Sun, 26 Jan 1997, Terry Lambert wrote:

> > All of the argument checking seems out of place here.  The call trace is
> > like this:
> > 
> > fcntl => VOP_ADVLOCK => lf_advlock
> > 
> > or
> > 
> > open => VOP_ADVLOCK => lf_advlock
> > 
> > Garbage input should be stopped at the source and lf_advlock should be
> > completely free from arg checking.  The original coder wanted to factor
> > error checking into lf_advlock, but it seems incorrect to allow garbage to
> > come in so far.
> > 
> > A consistent division of arg checking responsibilities would make it
> > easier for people to decide where to do the checks.  We would need some
> > comments or preconditions specified in lf_advlock to communicate what was
> > expected so that we would know what to do in fcntl and open. 
> > 
> > Any comments?
> 
> Yes.  The syntactic checking should be in the system call layer, and
> the grammatic checking should be in the lf_advlock layer, which should
> be called from the system call layer.
 
[..]
 
> The call trace should be:
> 
> 	fcntl(lock)				<- check call syntax here
> 		lf_advlock(lock)		<- check arg values here
> 		if( !VOP_ADVLOCK(lock))
> 			lf_advlock(unlock)
> 

[..]
 
> The place for the checking is either fcntl + open, or lf_advlock,
> depending on who pulls the arguments in.

Taking the preposterous lengths checking example, checking isn't necessary
in the open case since it is initialized to zero in the body of open.  The
cases you need to check are directly triggered externally in fcntl by
user programs.  This is why I think arg values should be checked at the
system call level in this case.

Regards,


Mike
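The two-layer split discussed above (call syntax checked in fcntl, argument values checked in lf_advlock), written out as an added C example that is not the FreeBSD kern_lockf.c code under discussion: the struct lock_range type and both check functions are assumptions, and the value layer also handles a negative l_len, which the thread does not mention.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <unistd.h>

/* Constructed kernel-side result: byte range a lock covers, end == -1 meaning "to EOF". */
struct lock_range { int64_t start; int64_t end; };
/* Layer 1 (fcntl/open side): syntactic checks on the struct flock copied in from userland.
 * Only field shapes are checked here; no values are interpreted. */
int fcntl_check_syntax(const struct flock *fl)
{
    if (fl->l_type != F_RDLCK && fl->l_type != F_WRLCK && fl->l_type != F_UNLCK)
        return EINVAL;
    if (fl->l_whence != SEEK_SET && fl->l_whence != SEEK_CUR && fl->l_whence != SEEK_END)
        return EINVAL;
    return 0;
}

/* Layer 2 (lf_advlock side): value checks, which need file state (offset, size) the
 * syscall layer does not have. Returns 0 and fills *out, or an errno value. */
int advlock_check_values(const struct flock *fl, int64_t cur_offset, int64_t file_size,
                         struct lock_range *out)
{
    int64_t l_start = fl->l_start, l_len = fl->l_len, base, start, end;
    switch (fl->l_whence) {
    case SEEK_SET: base = 0;          break;
    case SEEK_CUR: base = cur_offset; break;
    case SEEK_END: base = file_size;  break;
    default:       return EINVAL;     /* already rejected by layer 1; defence in depth */
    }
    /* base + l_start must not wrap: a "preposterous" start is rejected here, not in fcntl */
    if (l_start > 0 ? base > INT64_MAX - l_start : base < INT64_MIN - l_start)
        return EOVERFLOW;
    start = base + l_start;
    if (start < 0)
        return EINVAL;
    if (l_len == 0) {                 /* l_len == 0: lock from start to end of file */
        end = -1;
    } else if (l_len > 0) {           /* forward range; start + l_len - 1 must not wrap */
        if (start > INT64_MAX - (l_len - 1))
            return EOVERFLOW;
        end = start + l_len - 1;
    } else {                          /* negative l_len: range is [start+l_len, start-1] */
        if (start + l_len < 0)        /* cannot wrap: start >= 0, l_len < 0 */
            return EINVAL;
        end = start - 1;
        start += l_len;
    }
    out->start = start; out->end = end;
    return 0;
}
```

A request that passes the syntactic layer can still fail the value layer, so the second check stays cheap enough to run on every call rather than trusting the caller.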