Date: Mon, 8 Jan 2018 07:37:44 +0000 From: Andrew Turner <andrew@fubar.geek.nz> To: Ed Schouten <ed@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r327684 - in head/sys/compat: cloudabi32 cloudabi64 Message-ID: <8D8CA434-2A87-44D9-AC27-5166802FBBC2@fubar.geek.nz> In-Reply-To: <201801072238.w07McjLP099234@repo.freebsd.org> References: <201801072238.w07McjLP099234@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 7 Jan 2018, at 22:38, Ed Schouten <ed@FreeBSD.org> wrote: >=20 > Author: ed > Date: Sun Jan 7 22:38:45 2018 > New Revision: 327684 > URL: https://svnweb.freebsd.org/changeset/base/327684 >=20 > Log: > Use mallocarray(9) in CloudABI kernel code where possible. >=20 > Submitted by: pfg@ >=20 > Modified: > head/sys/compat/cloudabi32/cloudabi32_sock.c > head/sys/compat/cloudabi64/cloudabi64_sock.c >=20 > Modified: head/sys/compat/cloudabi32/cloudabi32_sock.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/compat/cloudabi32/cloudabi32_sock.c Sun Jan 7 = 22:21:07 2018 (r327683) > +++ head/sys/compat/cloudabi32/cloudabi32_sock.c Sun Jan 7 = 22:38:45 2018 (r327684) > @@ -60,7 +60,7 @@ cloudabi32_sys_sock_recv(struct thread *td, > /* Convert iovecs to native format. */ > if (ri.ri_data_len > UIO_MAXIOV) > return (EINVAL); > - iov =3D malloc(ri.ri_data_len * sizeof(struct iovec), > + iov =3D mallocarray(ri.ri_data_len, sizeof(struct iovec), > M_SOCKET, M_WAITOK); Won=E2=80=99t this lead to a NULL pointer dereference on overflow? = mallocarray can return NULL even with M_WAITOK. Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8D8CA434-2A87-44D9-AC27-5166802FBBC2>