From owner-svn-src-head@FreeBSD.ORG Sat Jan 8 23:06:54 2011 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9A211106566B; Sat, 8 Jan 2011 23:06:54 +0000 (UTC) (envelope-from csjp@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 88F3A8FC17; Sat, 8 Jan 2011 23:06:54 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id p08N6sx5019151; Sat, 8 Jan 2011 23:06:54 GMT (envelope-from csjp@svn.freebsd.org) Received: (from csjp@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id p08N6sDw019147; Sat, 8 Jan 2011 23:06:54 GMT (envelope-from csjp@svn.freebsd.org) Message-Id: <201101082306.p08N6sDw019147@svn.freebsd.org> From: "Christian S.J. Peron" Date: Sat, 8 Jan 2011 23:06:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r217174 - head/sys/netsmb X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 23:06:54 -0000 Author: csjp Date: Sat Jan 8 23:06:54 2011 New Revision: 217174 URL: http://svn.freebsd.org/changeset/base/217174 Log: Change some variables from int to size_t. This is more accurate since these variables represent sizes in one capacity or another. There is no reason to allow negative numbers. Change userspace shared structure elements that get used for the modified functions from int to uint32_t, since it's not clear what userspace programs use these fields, and we do not want to break binary compatibility. This fixes a panic when corrupt or bogus data is passed into the kernel. Obtained from: NetBSD MFC after: 3 weeks Modified: head/sys/netsmb/smb_dev.h head/sys/netsmb/smb_subr.c head/sys/netsmb/smb_subr.h Modified: head/sys/netsmb/smb_dev.h ============================================================================== --- head/sys/netsmb/smb_dev.h Sat Jan 8 23:03:24 2011 (r217173) +++ head/sys/netsmb/smb_dev.h Sat Jan 8 23:06:54 2011 (r217174) @@ -58,9 +58,9 @@ struct smbioc_ossn { int ioc_opt; - int ioc_svlen; /* size of ioc_server address */ + uint32_t ioc_svlen; /* size of ioc_server address */ struct sockaddr*ioc_server; - int ioc_lolen; /* size of ioc_local address */ + uint32_t ioc_lolen; /* size of ioc_local address */ struct sockaddr*ioc_local; char ioc_srvname[SMB_MAXSRVNAMELEN + 1]; int ioc_timeout; Modified: head/sys/netsmb/smb_subr.c ============================================================================== --- head/sys/netsmb/smb_subr.c Sat Jan 8 23:03:24 2011 (r217173) +++ head/sys/netsmb/smb_subr.c Sat Jan 8 23:06:54 2011 (r217174) @@ -93,7 +93,7 @@ char * smb_strdup(const char *s) { char *p; - int len; + size_t len; len = s ? strlen(s) + 1 : 1; p = malloc(len, M_SMBSTR, M_WAITOK); @@ -108,11 +108,13 @@ smb_strdup(const char *s) * duplicate string from a user space. */ char * -smb_strdupin(char *s, int maxlen) +smb_strdupin(char *s, size_t maxlen) { char *p, bt; - int error, len = 0; + int error; + size_t len; + len = 0; for (p = s; ;p++) { if (copyin(p, &bt, 1)) return NULL; @@ -135,7 +137,7 @@ smb_strdupin(char *s, int maxlen) * duplicate memory block from a user space. */ void * -smb_memdupin(void *umem, int len) +smb_memdupin(void *umem, size_t len) { char *p; @@ -178,7 +180,7 @@ smb_memfree(void *s) } void * -smb_zmalloc(unsigned long size, struct malloc_type *type, int flags) +smb_zmalloc(size_t size, struct malloc_type *type, int flags) { return malloc(size, type, flags | M_ZERO); @@ -197,12 +199,12 @@ smb_strtouni(u_int16_t *dst, const char void m_dumpm(struct mbuf *m) { char *p; - int len; + size_t len; printf("d="); while(m) { p=mtod(m,char *); len=m->m_len; - printf("(%d)",len); + printf("(%zu)",len); while(len--){ printf("%02x ",((int)*(p++)) & 0xff); } @@ -337,7 +339,7 @@ smb_copy_iconv(struct mbchain *mbp, c_ca int smb_put_dmem(struct mbchain *mbp, struct smb_vc *vcp, const char *src, - int size, int caseopt) + size_t size, int caseopt) { struct iconv_drv *dp = vcp->vc_toserver; Modified: head/sys/netsmb/smb_subr.h ============================================================================== --- head/sys/netsmb/smb_subr.h Sat Jan 8 23:03:24 2011 (r217173) +++ head/sys/netsmb/smb_subr.h Sat Jan 8 23:06:54 2011 (r217174) @@ -101,19 +101,19 @@ void smb_makescred(struct smb_cred *scre int smb_td_intr(struct thread *); char *smb_strdup(const char *s); void *smb_memdup(const void *umem, int len); -char *smb_strdupin(char *s, int maxlen); -void *smb_memdupin(void *umem, int len); +char *smb_strdupin(char *s, size_t maxlen); +void *smb_memdupin(void *umem, size_t len); void smb_strtouni(u_int16_t *dst, const char *src); void smb_strfree(char *s); void smb_memfree(void *s); -void *smb_zmalloc(unsigned long size, struct malloc_type *type, int flags); +void *smb_zmalloc(size_t size, struct malloc_type *type, int flags); int smb_calcmackey(struct smb_vc *vcp); int smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN); int smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN); int smb_maperror(int eclass, int eno); int smb_put_dmem(struct mbchain *mbp, struct smb_vc *vcp, - const char *src, int len, int caseopt); + const char *src, size_t len, int caseopt); int smb_put_dstring(struct mbchain *mbp, struct smb_vc *vcp, const char *src, int caseopt); int smb_put_string(struct smb_rq *rqp, const char *src);