Date: Thu, 13 Apr 2017 17:34:52 +0000 (UTC) From: Conrad Meyer <cem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r316776 - head/sys/compat/linux Message-ID: <201704131734.v3DHYqAm050433@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cem Date: Thu Apr 13 17:34:51 2017 New Revision: 316776 URL: https://svnweb.freebsd.org/changeset/base/316776 Log: linux_ioctl: Refactor some v4l2 struct converters According to the C standard, it is invalid to copy beyond the end of an object, even if that object is obviously a member of a larger object (a struct, in this case). Appease the standard and Coverity by refactoring the copy in a straightforward way. No functional change. Reported by: Coverity (CWE-120) CIDs: 1007819, 1007820, 1007821, 1007822, 1009668, 1009669 Security: no (false positive detection) Sponsored by: Dell EMC Isilon Modified: head/sys/compat/linux/linux_ioctl.c Modified: head/sys/compat/linux/linux_ioctl.c ============================================================================== --- head/sys/compat/linux/linux_ioctl.c Thu Apr 13 17:30:33 2017 (r316775) +++ head/sys/compat/linux/linux_ioctl.c Thu Apr 13 17:34:51 2017 (r316776) @@ -3185,7 +3185,12 @@ linux_to_bsd_v4l2_standard(struct l_v4l2 { vstd->index = lvstd->index; vstd->id = lvstd->id; - memcpy(&vstd->name, &lvstd->name, sizeof(*lvstd) - offsetof(struct l_v4l2_standard, name)); + CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name)); + memcpy(vstd->name, lvstd->name, sizeof(vstd->name)); + vstd->frameperiod = lvstd->frameperiod; + vstd->framelines = lvstd->framelines; + CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved)); + memcpy(vstd->reserved, lvstd->reserved, sizeof(vstd->reserved)); return (0); } @@ -3194,7 +3199,12 @@ bsd_to_linux_v4l2_standard(struct v4l2_s { lvstd->index = vstd->index; lvstd->id = vstd->id; - memcpy(&lvstd->name, &vstd->name, sizeof(*lvstd) - offsetof(struct l_v4l2_standard, name)); + CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name)); + memcpy(lvstd->name, vstd->name, sizeof(lvstd->name)); + lvstd->frameperiod = vstd->frameperiod; + lvstd->framelines = vstd->framelines; + CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved)); + memcpy(lvstd->reserved, vstd->reserved, sizeof(lvstd->reserved)); return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201704131734.v3DHYqAm050433>