Date: Sat, 25 Nov 2006 15:10:08 GMT
From: Alexander Leidinger <netchild@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Subject: PERFORCE change 110519 for review
Message-ID: <200611251510.kAPFA8do095000@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=110519 Change 110519 by netchild@netchild_magellan on 2006/11/25 15:10:05 - add some explaining comments - use sizeof(var) instead of sizeof(NAMEDVALUE) [1] - truncate the string in the ENAMETOOLONG case (like linux does) Suggested by: rwatson [1] Affected files ... .. //depot/projects/linuxolator/src/sys/compat/linux/linux_misc.c#38 edit Differences ... ==== //depot/projects/linuxolator/src/sys/compat/linux/linux_misc.c#38 (text+ko) ==== @@ -1644,22 +1644,32 @@ EMUL_UNLOCK(&emul_lock); break; case LINUX_PR_SET_NAME: - max_size = (LINUX_MAX_COMM_LEN <= MAXCOMLEN + 1) ? - LINUX_MAX_COMM_LEN : (MAXCOMLEN + 1); + /* + * To be on the safe side we need to make sure to not + * overflow the size a linux program expects. We already + * do this here in the copyin, so that we don't need to + * check on copyout. + */ + max_size = (sizeof(comm) <= sizeof(p->p_comm)) ? + sizeof(comm) : sizeof(p->p_comm); error = copyinstr((void *)(register_t) args->arg2, comm, - max_size, NULL); - if (error) + max_size, NULL); + + /* Linux silently truncates the name if it is too long. */ + if (error && error != ENAMETOOLONG) return (error); + comm[sizeof(comm) - 1] = '\0'; /* terminate if truncated */ + PROC_LOCK(p); - strlcpy(p->p_comm, comm, MAXCOMLEN + 1); + strlcpy(p->p_comm, comm, sizeof(p->p_comm)); PROC_UNLOCK(p); break; case LINUX_PR_GET_NAME: PROC_LOCK(p); - strlcpy(comm, p->p_comm, LINUX_MAX_COMM_LEN); + strlcpy(comm, p->p_comm, sizeof(comm)); PROC_UNLOCK(p); error = copyout(comm, (void *)(register_t) args->arg2, - strlen(comm)+1); + strlen(comm)+1); break; default: error = EINVAL;
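Review bot: In the LINUX_PR_SET_NAME case, when copyinstr returns ENAMETOOLONG the new check lets execution continue but never clears error, so if error is what the function returns after the switch (as the default case's error = EINVAL suggests), the caller still gets ENAMETOOLONG rather than the silent truncation the comment describes; set error = 0 once the truncated name is accepted. The terminator is also written at comm[sizeof(comm) - 1] although copyinstr was limited to max_size bytes, so when sizeof(p->p_comm) is the smaller of the two, the bytes between max_size and the end of comm are whatever the buffer held before; comm[max_size - 1] = '\0' would match the copy bound. Separately, the re-indented continuation lines (max_size, NULL); and strlen(comm)+1);) are whitespace-only changes that would be easier to review in a change of their own.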