Date:      Wed, 17 Feb 2010 21:11:56 +0200
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Fernando Apesteguía <fernando.apesteguia@gmail.com>
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: linprocfs proc/pid/environ patch & list question
Message-ID:  <20100217191156.GP50403@deviant.kiev.zoral.com.ua>
In-Reply-To: <1bd550a01002171051n7117895avb5cf57fb7fbb9388@mail.gmail.com>
References:  <1bd550a01002171051n7117895avb5cf57fb7fbb9388@mail.gmail.com>

On Wed, Feb 17, 2010 at 07:51:06PM +0100, Fernando Apesteguía wrote:
> Hi,
>
> I have a small patch (against 8.0-RELEASE-p2) that _should_ implement
> the /proc/pid/environ file
> under linprocfs.
> However, it seems it does not work properly but I don't know what I'm
> doing wrong.
> Is this list the place to ask for help? I tried in the forums[1] but
> got no answer.
Putting aside any "does not work" questions, please see comment below.
>
> Don't we have a 'kernel newbies'-like list?
>
> Thanks in advance.
>
> [1] http://forums.freebsd.org/showthread.php?t=11329
>
> --- sys/compat/linprocfs/linprocfs.c.orig	2009-10-25 02:10:29.000000000 +=
0100
> +++ sys/compat/linprocfs/linprocfs.c	2010-02-16 19:38:36.000000000 +0100
> @@ -939,8 +939,38 @@
>  static int
>  linprocfs_doprocenviron(PFS_FILL_ARGS)
>  {
> +	int i, error;
> +	struct ps_strings pss;
> +	char **ps_envstr;
>=20
> -	sbuf_printf(sb, "doprocenviron\n%c", '\0');
> +	PROC_LOCK(p);
> +	if (p_cansee(td, p) !=3D 0)
> +		return (0);
> +	PROC_UNLOCK(p);
> +
> +	error =3D copyin((void *)p->p_sysent->sv_psstrings, &pss,
> +			                    sizeof(pss));
> +	if (error)
> +		return (error);
> +
> +	ps_envstr =3D malloc(pss.ps_nenvstr * sizeof(char *),
> +	    M_TEMP, M_WAITOK);
This is essentially "panic me" code.  ps_nenvstr is user-controlled,
and allows specifying arbitrary integers.

Even ignoring exhaustion of the kernel map, it can cause allocation of
a big amount of physical memory. Note that the execve(2) implementation
uses swappable memory to store arguments and environment strings passed
from vm spaces.

> +
> +	error =3D copyin((void *)pss.ps_envstr, ps_envstr,
> +	    pss.ps_nenvstr * sizeof(char *));
> +
> +	if (error) {
> +		free(ps_envstr, M_TEMP);
> +		return (error);
> +	}
> +
> +	/* NULL separated list of variable=3Dvalue pairs */
> +=09
> +	for (i =3D 0; i < pss.ps_nenvstr; i++) {
> +		sbuf_copyin(sb, ps_envstr[i], 0);
> +	}
> +
> +	free(ps_envstr, M_TEMP);
>  	return (0);
>  }
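Review bot: the `return (0);` directly after `if (p_cansee(td, p) != 0)`
at the top of the new body leaves the function with PROC_LOCK(p) still
held, because PROC_UNLOCK(p) is only reached on the success path; store
the p_cansee() result, unlock, and then return. The two copyin() calls
and sbuf_copyin() are also handed addresses that belong to p
(sv_psstrings, pss.ps_envstr, ps_envstr[i]), but these routines copy
from the address space of the calling thread, so when the reader is a
different process than p the data comes from the wrong process; the read
has to go through p's address space, for example with proc_rwmem(). The
return value of sbuf_copyin() in the loop is ignored, so a faulting
string pointer is silently skipped and the function still returns 0.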
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
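
The bound asked for in the reply above, as an added userland sketch (not code from the patch, from the reply, or from FreeBSD): the untrusted count is rejected before any size is derived from it. It goes one step beyond the reply by also running the string copy against a byte budget. `struct pss_model`, `env_vec_size`, `env_fill` and both caps are assumptions made for illustration, and the plain pointer reads stand in for copies from the target's address space.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Assumed caps for this sketch; they are not FreeBSD constants. */
#define ENV_VEC_MAX   4096      /* entries in the pointer vector */
#define ENV_BYTES_MAX 65536     /* total bytes of strings emitted */

/* Userland stand-in for the two struct ps_strings fields the patch reads. */
struct pss_model {
	char **ps_envstr;       /* untrusted pointer vector */
	int    ps_nenvstr;      /* untrusted count */
};

/* Reject the count before a size is derived from it; no allocation on error. */
int
env_vec_size(const struct pss_model *pss, size_t *sizep)
{
	if (pss->ps_nenvstr < 0 || pss->ps_nenvstr > ENV_VEC_MAX)
		return (E2BIG);
	*sizep = (size_t)pss->ps_nenvstr * sizeof(char *);
	return (0);
}

/* Emit NUL-terminated records into out, bounded by both caps. */
int
env_fill(const struct pss_model *pss, char *out, size_t outsz, size_t *lenp)
{
	size_t vecsize, room, n, used = 0;
	size_t limit = outsz < ENV_BYTES_MAX ? outsz : ENV_BYTES_MAX;
	int error, i;

	*lenp = 0;
	if ((error = env_vec_size(pss, &vecsize)) != 0)
		return (error);         /* vecsize is what malloc() would get */
	for (i = 0; i < pss->ps_nenvstr; i++) {
		const char *s = pss->ps_envstr[i];
		room = limit - used;
		for (n = 0; n < room && s[n] != '\0'; n++)
			;
		if (n == room)          /* no terminator within the budget */
			return (E2BIG);
		memcpy(out + used, s, n + 1);
		used += n + 1;
	}
	*lenp = used;
	return (0);
}
```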
