From owner-freebsd-hackers@FreeBSD.ORG Sun Sep 19 19:43:05 2004
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B53C16A4CE; Sun, 19 Sep 2004 19:43:05 +0000 (GMT)
Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11E1643D1F; Sun, 19 Sep 2004 19:43:05 +0000 (GMT) (envelope-from truckman@FreeBSD.org)
Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.13.1/8.13.1) with ESMTP id i8JJgsB8004843; Sun, 19 Sep 2004 12:42:58 -0700 (PDT) (envelope-from truckman@FreeBSD.org)
Message-Id: <200409191942.i8JJgsB8004843@gw.catspoiler.org>
Date: Sun, 19 Sep 2004 12:42:54 -0700 (PDT)
From: Don Lewis
To: keramida@FreeBSD.org
In-Reply-To: <20040919165934.GB2907@gothmog.gr>
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
cc: freebsd-hackers@FreeBSD.org
cc: gerarra@tin.it
Subject: Re: kernel buff overflow
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
X-List-Received-Date: Sun, 19 Sep 2004 19:43:05 -0000

On 19 Sep, Giorgos Keramidas wrote:
> On 2004-09-19 15:04, gerarra@tin.it wrote:
>> --- kern_syscalls.c Sat Sep 18 13:42:21 2004
>> +++ kern_syscalls2.c Sun Sep 19 14:59:27 2004
>> @@ -58,6 +58,12 @@
>> syscall_register(int *offset, struct sysent *new_sysent,
>> struct sysent *old_sysent)
>> {
>> +
>> +#ifdef __i386__
>> + if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > i386_SYS_ARGS)
>> + return E2BIG;
>> +#endif
>> +
>> if (*offset == NO_SYSCALL) {
>> int i;
>
> If a very simple but similar check can be added that works for all the
> architectures it's probably a cleaner solution, i.e.:
>
> : #ifndef SYSCALL_MAX_ARGS
> : #define SYSCALL_MAX_ARGS 8
> : #endif
> :
> : if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > SYSCALL_MAX_ARGS)
> : return EINVAL;
>
> Then each architecture can define SYSCALL_MAX_ARGS at compile time.

Yes, the value should be defined in the architecture-specific .  Also the
machine-specific syscall handlers in trap.c should be modified to use the
defined parameter instead of just using the architecture-specific magic
number.
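Review bot: the new sy_narg bounds check in syscall_register() is wrapped in #ifdef __i386__, so every other architecture still accepts an out-of-range sy_narg, and the limit it compares against is a bare i386_SYS_ARGS that nothing in the hunk defines. Take the limit from one machine-dependent constant and test it unconditionally, e.g. `if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > SYSCALL_MAX_ARGS)` followed by `return (EINVAL);`. Two smaller points on the same lines: EINVAL describes a negative count better than E2BIG, and style(9) wants the return value parenthesised (`return (E2BIG);`, not `return E2BIG;`). If sy_narg is ever changed to an unsigned type the `< 0` half of the test becomes dead code, so the upper bound is the part that must stay.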
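As an added example (not FreeBSD code, and not the patch under discussion), here is a user-space model of the check the thread converges on: the argument-count limit lives in a single assumed constant, `SYSCALL_MAX_ARGS`, and both the registration path and a modelled trap.c dispatch path use it, so a module can never register a `sysent` whose `sy_narg` exceeds the buffer the handler copies arguments into. The `struct sysent` layout, the table size, the `sys_sum3` handler and the "user" argument array are simplified, constructed assumptions made for the example.

```c
/*
 * Added example, not FreeBSD code. Models syscall_register() plus a
 * simplified trap.c syscall path sharing one MD limit, SYSCALL_MAX_ARGS.
 * Assumptions: struct sysent shape, NSYSENT, NO_SYSCALL, syscall_arg_t,
 * and the handlers below are all stand-ins chosen for the example.
 */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NO_SYSCALL	(-1)
#define NSYSENT		16

/* Assumed per-architecture constant; in a real tree each arch would
 * define it in its machine-dependent header. 8 is the size of the args[]
 * buffer the dispatch path below copies arguments into. */
#ifndef SYSCALL_MAX_ARGS
#define SYSCALL_MAX_ARGS 8
#endif

typedef long syscall_arg_t;
typedef int sy_call_t(void *, void *);

struct sysent {
	int	  sy_narg;	/* number of arguments the handler expects */
	sy_call_t *sy_call;	/* handler */
};

struct sysent sysent[NSYSENT];

/* Placeholder handler for unused slots. */
int
sys_nosys(void *td, void *uap)
{
	(void)td; (void)uap;
	return (ENOSYS);
}

/* Demo handler: adds its first three arguments. */
int
sys_sum3(void *td, void *uap)
{
	const syscall_arg_t *a = uap;
	(void)td;
	return ((int)(a[0] + a[1] + a[2]));
}

void
sysent_init(void)
{
	int i;
	for (i = 0; i < NSYSENT; i++) {
		sysent[i].sy_narg = 0;
		sysent[i].sy_call = sys_nosys;
	}
}

/* Modelled syscall_register(): the bounds check is machine-independent
 * because the limit comes from the one MD constant, not an #ifdef. */
int
syscall_register(int *offset, struct sysent *new_sysent,
    struct sysent *old_sysent)
{
	if (new_sysent->sy_narg < 0 || new_sysent->sy_narg > SYSCALL_MAX_ARGS)
		return (EINVAL);

	if (*offset == NO_SYSCALL) {
		int i;
		for (i = 1; i < NSYSENT; i++)
			if (sysent[i].sy_call == sys_nosys)
				break;
		if (i == NSYSENT)
			return (ENFILE);
		*offset = i;
	} else if (*offset < 0 || *offset >= NSYSENT) {
		return (EINVAL);
	} else if (sysent[*offset].sy_call != sys_nosys) {
		return (EEXIST);
	}
	*old_sysent = sysent[*offset];
	sysent[*offset] = *new_sysent;
	return (0);
}

/* Modelled trap.c syscall path: copies sy_narg words from the "user"
 * arguments into a fixed buffer sized by the same constant. Without the
 * check in syscall_register(), a sysent with sy_narg > SYSCALL_MAX_ARGS
 * would overrun args[]; here the handler re-checks the same limit so the
 * two places cannot drift apart (a memcpy stands in for copyin()). */
int
syscall_dispatch(int code, const syscall_arg_t *user_params, size_t nparams)
{
	syscall_arg_t args[SYSCALL_MAX_ARGS];
	struct sysent *callp;
	size_t narg;

	if (code < 0 || code >= NSYSENT)
		return (ENOSYS);
	callp = &sysent[code];
	narg = (size_t)callp->sy_narg;
	if (narg > SYSCALL_MAX_ARGS || narg > nparams)
		return (EINVAL);
	memcpy(args, user_params, narg * sizeof(syscall_arg_t));
	return (callp->sy_call(NULL, args));
}

int
main(void)
{
	int off = NO_SYSCALL;
	struct sysent bad = { SYSCALL_MAX_ARGS + 1, sys_sum3 };
	struct sysent good = { 3, sys_sum3 }, old;
	syscall_arg_t params[3] = { 1, 2, 3 };	/* constructed user arguments */

	sysent_init();
	printf("narg=%d -> %d (EINVAL=%d)\n", bad.sy_narg,
	    syscall_register(&off, &bad, &old), EINVAL);
	printf("narg=%d -> %d, slot %d\n", good.sy_narg,
	    syscall_register(&off, &good, &old), off);
	printf("dispatch -> %d\n", syscall_dispatch(off, params, 3));
	return (0);
}
```

The point of the example is the single shared constant: the registration check and the dispatch buffer are both derived from `SYSCALL_MAX_ARGS`, which is what removes the magic number Don Lewis refers to in trap.c.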