Date: Mon, 8 Jan 2018 17:28:50 +0000 From: Brooks Davis <brooks@freebsd.org> To: Ed Schouten <ed@nuxi.nl> Cc: Andrew Turner <andrew@fubar.geek.nz>, Ed Schouten <ed@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r327684 - in head/sys/compat: cloudabi32 cloudabi64 Message-ID: <20180108172850.GI95035@spindle.one-eyed-alien.net> In-Reply-To: <CABh_MKm4HW2nJ=402oiELgWDo=Q7h15kjOU1p6F2BPOchjZCiw@mail.gmail.com> References: <201801072238.w07McjLP099234@repo.freebsd.org> <8D8CA434-2A87-44D9-AC27-5166802FBBC2@fubar.geek.nz> <CABh_MKm4HW2nJ=402oiELgWDo=Q7h15kjOU1p6F2BPOchjZCiw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--SUk9VBj82R8Xhb8H Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jan 08, 2018 at 04:13:42PM +0100, Ed Schouten wrote: > Hi Andrew, >=20 > 2018-01-08 8:37 GMT+01:00 Andrew Turner <andrew@fubar.geek.nz>: > > Won???t this lead to a NULL pointer dereference on overflow? mallocarra= y can return NULL even with M_WAITOK. >=20 > Yes, it will, but an overflow shouldn't happen in the first place. > ri_data_len is compared with UIO_MAXIOV a few lines above. Even if an > overflow would happen, this would cause a kernel panic due to a NULL > pointer dereference later on, which is likely easier to debug than > some piece of code that overruns a buffer. Given that the overflow is due to a bug, there's an argument we should panic rather than returning NULL even in the M_NOWAIT case so we produce a useful message in exactly the right place. -- Brooks --SUk9VBj82R8Xhb8H Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJaU6pSAAoJEKzQXbSebgfAoBkH/1qw/k1rmZfSDF2NG9MK26VK iYSOYHlCQsy/H50X5a1QIeXWvWJvHPrctqS40i5l5R32lo9I9NEolAmEy2/TI2CW 9VlMG7zqQ9jPTtK0wbKg/rZtcxX4pSTRLRFnFNm0HDUzqqXCHUoJ/+7SRhYvnRkI ZXbgKm9XCKKyBAVazu1Cu1UmmwhUS30+xx6zxX1KVjFB8pgsk6ildJGEf7xp2sR8 VRmAyCKy3KW+1iqx4/BgSd1zuJIPbXU74fCSp/ueFKOkSPay6XktmgKzraeGzYh+ /hZXqIf444h/+QO1m+GYW862T8/fNom017D9xnl23F6yA5yLRaLyabLPMSdoAtY= =KNFw -----END PGP SIGNATURE----- --SUk9VBj82R8Xhb8H--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180108172850.GI95035>