From owner-svn-src-head@freebsd.org Mon Jan 8 15:37:46 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2608DE72FCA for ; Mon, 8 Jan 2018 15:37:46 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from sonic304-35.consmr.mail.ne1.yahoo.com (sonic304-35.consmr.mail.ne1.yahoo.com [66.163.191.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EBE30808A2 for ; Mon, 8 Jan 2018 15:37:45 +0000 (UTC) (envelope-from pfg@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1515425864; bh=4cazRHlfbyA+0ug4ZwsxSG7jbOfiBLQTLjefHHmXOc0=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=D5pftbG52co1bqUuUQz4atjrKX/EwnBAEKVW0F8XKcJnaCIc12v+nnwp+LfqiJvV/wKX6UryUPMU03mHqXSeWY7HLsjnjDqCHgbgH4GLvi67zNpyRj/gt5M3uSm2sy+rNjXL4bjIQk903/L9SOKge4rlMHInh5amKMK6yztnPCvw3n49VgzJVtW+vg6A3vju4FlB/uriIqK+7NNbWIB3hvbEWwF8gWD3voE7KtoC7S5KseeQw0x80jThVgLR2h6n7ccwX6bzgVMpfJd9fE/JgMTLQB44r8VcGK24AykmB70BNoDI98JtnyApoHmElLdTHNCwxa9gNYNDwRQG9tTV6g== X-YMail-OSG: BCiWKAYVM1n8XErNf.XQW7lDpwoDCLHrJHxYWxTXYROPOdYcz_nB2ZZ9yPF6rm. vp0QHs7yabK4Gp.mEJ7OR0vNbisuiymlt_hcTkbkjiaTKR5Un6K4843IkC4GVXzFSC60.LxRnwx6 FTiA45l_Fz9EYKgIcFVJdeke.4W.0HKSrTO9KfTKB.bzuXgg.hRr2fpPeUVNwyQ0dfF1Q6PJbwH0 kK4iNmx21IScKtyNb4WEAmzm1szm8AoxFcJXlJytdlNM2ueOduhOOoYzNRTupzQJIqTw6J0RjHOp wO3I_MUGfIJrGHQua.V0Zrs9eesiffmh1Ddzq5VyMLXlgTOcWJI3aAbEAmpn.3cIe6VZuTYM6uTX PfJto5ElDEiumklfZ1R2o_NSjmBnU.v1y4AAmSxzHuZ7msw6VZG24Vp.Tpiiwg47GAGpmhT9vAE9 w9Eia857PZu8ZsI5rZ0VWpceJKaJKRZbquF_MmEEuzHp1Syd4rLXGnkdk9Aa5J3Lxh7Stihb. Received: from sonic.gate.mail.ne1.yahoo.com by sonic304.consmr.mail.ne1.yahoo.com with HTTP; Mon, 8 Jan 2018 15:37:44 +0000 Received: from smtpgate105.mail.ne1.yahoo.com (EHLO [192.168.0.6]) ([216.155.193.135]) by smtp403.mail.ne1.yahoo.com (JAMES SMTP Server ) with ESMTPA ID 9d400679ba3fce3720889955d9c8c284; Mon, 08 Jan 2018 15:37:41 +0000 (UTC) Subject: Re: svn commit: r327684 - in head/sys/compat: cloudabi32 cloudabi64 To: Ed Schouten , Andrew Turner Cc: Ed Schouten , src-committers , svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <201801072238.w07McjLP099234@repo.freebsd.org> <8D8CA434-2A87-44D9-AC27-5166802FBBC2@fubar.geek.nz> From: Pedro Giffuni Message-ID: <0a6ad324-46f2-9270-5abd-dbc3e734cc8b@FreeBSD.org> Date: Mon, 8 Jan 2018 10:37:40 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jan 2018 15:37:46 -0000 On 01/08/18 10:13, Ed Schouten wrote: > Hi Andrew, > > 2018-01-08 8:37 GMT+01:00 Andrew Turner : >> Won’t this lead to a NULL pointer dereference on overflow? mallocarray can return NULL even with M_WAITOK. > Yes, it will, but an overflow shouldn't happen in the first place. > ri_data_len is compared with UIO_MAXIOV a few lines above. Even if an > overflow would happen, this would cause a kernel panic due to a NULL > pointer dereference later on, which is likely easier to debug than > some piece of code that overruns a buffer. > > In this case, mallocarray() is preferred, because it makes it more > obvious that we're allocating a buffer that is accessed as an array, > as opposed to single structure. > OK... The behavior of mallocarray() somewhat inconsistent with malloc(9), realloc(9) and reallocf(9) but this is clearly documented., so we just assume the developer knows what he/she is doing :). Pedro.