From: gerarra@tin.it
To: freebsd-hackers@freebsd.org
Date: Sun, 19 Sep 2004 15:04:59 +0200
Message-ID: <4146316C0000AD08@ims3a.cp.tin.it>
Subject: kernel buff overflow

Maybe you would appreciate more something like that:

===================================
> cat kern_syscalls.diff --- kern_syscalls.c Sat Sep 18 13:42:21 2004 +++ kern_syscalls2.c Sun Sep 19 14:59:27 2004 @@ -58,6 +58,12 @@ syscall_register(int *offset, struct sysent *new_sysent, struct sysent *old_sysent) { + +#ifdef __i386__ + if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > i386_SYS_AR= GS) + return E2BIG; +#endif + if (*offset =3D=3D NO_SYSCALL) { int i;
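Review bot: The sy_narg range check at the top of syscall_register() is compiled only under `#ifdef __i386__`, so on every other architecture a new_sysent with a negative or oversized argument count still reaches the registration code below it unchecked. Consider a machine-independent limit (a per-architecture constant behind one common name) so the same test runs everywhere and the `#ifdef` can go. Within the check itself, a negative sy_narg is reported as E2BIG, which misdescribes the fault; EINVAL for `sy_narg < 0` and E2BIG only for the upper bound would tell the module author what went wrong. Style: style(9) wants `return (E2BIG);` with parentheses, and the added blank line directly after the opening brace can be dropped.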