Date: Tue, 14 Nov 1995 06:29:33 +1100 From: Bruce Evans <bde@zeta.org.au> To: CVS-commiters@freefall.freebsd.org, cvs-sys@freefall.freebsd.org, phk@freefall.freebsd.org Subject: Re: cvs commit: src/sys/kern kern_sysctl.c Message-ID: <199511131929.GAA03496@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
> Modified: sys/kern kern_sysctl.c > Log: > Try to make my new scheme work more along the lines of the manual. > There are still some gray areas here and there. I noticed possible sign extension problems: e.g., in sysctl_old_kernel: i = min(req->oldlen - req->oldidx, l); if (i > 0) ... min() handles u_ints, so if req->oldlen < req->oldidx, the result is probably l and wrong. The result is probably never < 0. You should use imin() to handle ints. However, you should probably be using u_ints throughout. sysctl()'s args are u_ints but userland_sysctl() converts them to ints before checking their values. Preposterously large lengths become negative and it's not clear how they are handled. E.g., req.oldlen = *oldlenp; ^^^^^^^^^^ ^^^^^^^^ int size_t If *oldlenp == (size_t)-1, then req.oldlen == -1. Thus req->oldlen can be smaller than req->oldidx. However, min() probably does the right thing by converting everything to u_int, at least when size_t is u_int. Many uses of the wrong min() function were introduced when the MIN() macro was replaced by the min() functions. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511131929.GAA03496>