From owner-svn-src-head@FreeBSD.ORG Mon Mar 16 15:23:22 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 057395BE; Mon, 16 Mar 2015 15:23:22 +0000 (UTC) Received: from bigwig.baldwin.cx (bigwig.baldwin.cx [IPv6:2001:470:1f11:75::1]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D0E95125; Mon, 16 Mar 2015 15:23:21 +0000 (UTC) Received: from ralph.baldwin.cx (pool-173-54-116-245.nwrknj.fios.verizon.net [173.54.116.245]) by bigwig.baldwin.cx (Postfix) with ESMTPSA id D68F4B98F; Mon, 16 Mar 2015 11:23:20 -0400 (EDT) From: John Baldwin To: Ian Lepore Subject: Re: svn commit: r279997 - head/sys/netinet Date: Mon, 16 Mar 2015 11:15:45 -0400 Message-ID: <3051755.qWx5SR0ixE@ralph.baldwin.cx> User-Agent: KMail/4.14.2 (FreeBSD/10.1-STABLE; KDE/4.14.2; amd64; ; ) In-Reply-To: <1426377491.39727.4.camel@freebsd.org> References: <201503141811.t2EIBPeE006504@svn.freebsd.org> <12123739.Rz3jP8R4fM@ralph.baldwin.cx> <1426377491.39727.4.camel@freebsd.org> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (bigwig.baldwin.cx); Mon, 16 Mar 2015 11:23:20 -0400 (EDT) Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2015 15:23:22 -0000 On Saturday, March 14, 2015 05:58:11 PM Ian Lepore wrote: > On Sat, 2015-03-14 at 17:52 -0400, John Baldwin wrote: > > On Saturday, March 14, 2015 06:11:25 PM Ian Lepore wrote: > > > Author: ian > > > Date: Sat Mar 14 18:11:24 2015 > > > New Revision: 279997 > > > URL: https://svnweb.freebsd.org/changeset/base/279997 > > > > > > Log: > > > Use sbuf_new_for_sysctl() instead of plain sbuf_new() to ensure sysctl > > > string returned to userland is nulterminated. > > > > > > PR: 195668 > > > > This is not safe. sbuf_printf() is invoked with a lock held, so it isn't > > safe for the sbuf code to do a drain here. With sbuf_new_for_sysctl(), > > any call to an sbuf routine is a potential page fault, so the handler must > > either use sysctl_wire_old_buffer(), or the contents need to be output in > > one go. For this case I would prefer to use sbuf_len(sb) + 1 (or add > > INCLUDENUL to the args when creating it) and leave the sole SYSCTL_OUT() > > at the end. > > > > You will want to check the one or two other places you converted for this > > same issue as well. > > > > Doh! I was trying to keep an eye out for locks, but I missed that one. > Fixed in r280014. > > I'm at that point in a big maintenance task where I've looked at too > much code in too short a time, thanks for keeping a watchful eye on all > this. No problem. I've replied to a few others that I think need a similar fix. However, fixing the larger bug is much appreciated. :) -- John Baldwin