From: Brooks Davis
To: Ed Schouten
Cc: Andrew Turner, Ed Schouten, src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Date: Mon, 8 Jan 2018 17:28:50 +0000
Subject: Re: svn commit: r327684 - in head/sys/compat: cloudabi32 cloudabi64
Message-ID: <20180108172850.GI95035@spindle.one-eyed-alien.net>
References: <201801072238.w07McjLP099234@repo.freebsd.org> <8D8CA434-2A87-44D9-AC27-5166802FBBC2@fubar.geek.nz>
List-Id: SVN commit messages for the src tree for head/-current

On Mon, Jan 08, 2018 at 04:13:42PM +0100, Ed Schouten wrote:
> Hi Andrew,
>
> 2018-01-08 8:37 GMT+01:00 Andrew Turner:
> > Won't this lead to a NULL pointer dereference on overflow? mallocarray
> > can return NULL even with M_WAITOK.
>
> Yes, it will, but an overflow shouldn't happen in the first place.
> ri_data_len is compared with UIO_MAXIOV a few lines above. Even if an
> overflow would happen, this would cause a kernel panic due to a NULL
> pointer dereference later on, which is likely easier to debug than
> some piece of code that overruns a buffer.

Given that the overflow is due to a bug, there's an argument we should
panic rather than returning NULL even in the M_NOWAIT case so we produce
a useful message in exactly the right place.

-- Brooks
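The pattern the thread is discussing, as an added userland example (not code from the FreeBSD tree or from r327684): a mallocarray(9)-style wrapper that refuses an allocation whose element count times element size would overflow, next to a caller that bounds the count first so the overflow path can never be reached, and a "strict" variant that fails loudly at the overflow site rather than handing back NULL. The names `example_*`, the `EXAMPLE_MAXIOV` value and the `struct example_iovec` layout are assumptions made for this example; the kernel's UIO_MAXIOV and its malloc flags are not modelled.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Upper bound on caller-supplied entry counts. The kernel compares against
 * UIO_MAXIOV; the value here is an assumption chosen for this example. */
#define EXAMPLE_MAXIOV 1024

/* Element type whose array we allocate (layout assumed for the example). */
struct example_iovec {
	void	*iov_base;
	size_t	 iov_len;
};

/* Would nmemb * size overflow size_t? This is the arithmetic that
 * mallocarray-style allocators check before multiplying. */
int
example_would_overflow(size_t nmemb, size_t size)
{
	return (nmemb != 0 && size > SIZE_MAX / nmemb);
}

/* Overflow-checked array allocation: returns NULL on overflow (as the
 * thread notes mallocarray does) or if the underlying malloc fails. */
void *
example_mallocarray(size_t nmemb, size_t size)
{
	size_t total;

	if (example_would_overflow(nmemb, size))
		return (NULL);
	total = nmemb * size;
	return (malloc(total == 0 ? 1 : total));
}

/* Brooks's alternative: treat an overflowing request as a programming bug
 * and stop at the exact place it happens, with a useful message, instead of
 * returning NULL and leaving a dereference to fail somewhere later. abort()
 * stands in for panic(9) here. */
void *
example_mallocarray_strict(size_t nmemb, size_t size)
{
	if (example_would_overflow(nmemb, size)) {
		fprintf(stderr, "example_mallocarray_strict: %zu * %zu "
		    "would overflow\n", nmemb, size);
		abort();
	}
	return (example_mallocarray(nmemb, size));
}

/* Caller in the style Ed describes: validate the count against the maximum
 * before the sized allocation, so the overflow branch is unreachable and a
 * NULL result can only mean genuine allocation failure. */
int
example_alloc_iov(size_t ri_data_len, struct example_iovec **out)
{
	struct example_iovec *iov;

	*out = NULL;
	if (ri_data_len > EXAMPLE_MAXIOV)
		return (EINVAL);	/* mirrors the UIO_MAXIOV comparison */
	iov = example_mallocarray(ri_data_len, sizeof(*iov));
	if (iov == NULL)
		return (ENOMEM);
	memset(iov, 0, ri_data_len * sizeof(*iov));
	*out = iov;
	return (0);
}

int
main(void)
{
	struct example_iovec *iov;
	int error;

	error = example_alloc_iov(8, &iov);
	printf("alloc 8 entries: error=%d ptr=%s\n", error,
	    iov != NULL ? "non-NULL" : "NULL");
	free(iov);

	error = example_alloc_iov(EXAMPLE_MAXIOV + 1, &iov);
	printf("alloc %d entries: error=%d (rejected before allocating)\n",
	    EXAMPLE_MAXIOV + 1, error);

	printf("SIZE_MAX * 2 overflows: %d\n",
	    example_would_overflow(SIZE_MAX, 2));
	return (0);
}
```

Because `EXAMPLE_MAXIOV * sizeof(struct example_iovec)` is far below `SIZE_MAX`, the bound check alone guarantees `example_mallocarray` never sees an overflowing request from `example_alloc_iov`; the overflow check inside the allocator is defence in depth for callers that forget the bound, and the strict variant is where to put the loud failure if that is the policy chosen.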