Date: Thu, 4 Apr 2019 05:22:44 +0200 From: Mateusz Guzik <mjguzik@gmail.com> To: Enji Cooper <yaneurabeya@gmail.com> Cc: src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, svn-src-head@freebsd.org Subject: Re: svn commit: r345853 - head/usr.bin/rctl Message-ID: <CAGudoHH5PvS%2BnaEZpOn%2BntJGpZNGGuZ64NsJCuwVLrJT5=deOw@mail.gmail.com> In-Reply-To: <EE367002-EC49-41F3-94A8-79F475CC63B8@gmail.com> References: <201904032037.x33KbEjq070604@repo.freebsd.org> <EE367002-EC49-41F3-94A8-79F475CC63B8@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/4/19, Enji Cooper <yaneurabeya@gmail.com> wrote: > >> On Apr 3, 2019, at 1:37 PM, Mateusz Guzik <mjg@FreeBSD.org> wrote: >> >> Author: mjg >> Date: Wed Apr 3 20:37:14 2019 >> New Revision: 345853 >> URL: https://svnweb.freebsd.org/changeset/base/345853 >> >> Log: >> rctl: fix sysctl kern.racct.enable use after r341182 >> >> The value was changed from int to bool. Since the new type >> is smaller, the rest of the variable in the caller was left >> unitialized. > > I hit a bug like this recently with capsicum-test. Do you think it makes > sense to purge all of the memory or return -1/set EINVAL for reasons similar > to this for newp? > > [EINVAL] A non-null newp is given and its specified length > in > newlen is too large or too small. > There is most likely code which always passed oversized bufs. This change would break it. -- Mateusz Guzik <mjguzik gmail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGudoHH5PvS%2BnaEZpOn%2BntJGpZNGGuZ64NsJCuwVLrJT5=deOw>