Date:      Tue, 13 Nov 2012 14:45:40 -0500
From:      Eitan Adler <lists@eitanadler.com>
To:        Baptiste Daroussin <bapt@freebsd.org>
Cc:        Konstantin Belousov <kostikbel@gmail.com>, arch@freebsd.org
Subject:   Re: Increasing MAXLOGNAME from 17 to 33
Message-ID:  <CAF6rxgmz-RPHb3zJ2EwdRwh88-WjK%2B7a6j2%2BypSx5JrDq2Yv%2BA@mail.gmail.com>
In-Reply-To: <20121113183412.GA75103@ithaqua.etoilebsd.net>
References:  <20121113111806.GE62533@ithaqua.etoilebsd.net> <20121113115034.GJ73505@kib.kiev.ua> <20121113183412.GA75103@ithaqua.etoilebsd.net>

On 13 November 2012 13:34, Baptiste Daroussin <bapt@freebsd.org> wrote:
> On Tue, Nov 13, 2012 at 01:50:34PM +0200, Konstantin Belousov wrote:
>
> After auditing base, it seems like this patch is enough
> http://people.freebsd.org/~bapt/maxlogname-33.diff

I'm not sure, but doesn't access to p->p_session need to be under a
lock?  Something like (although the duplicate unlocking code is
annoying):

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 53af793..8a97994 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -2081,6 +2081,11 @@ sys_getlogin(struct thread *td, struct
getlogin_args *uap)
 		uap->namelen = MAXLOGNAME;
 	PROC_LOCK(p);
 	SESS_LOCK(p->p_session);
+	if (strlen(p->p_session->s_login) + 1 > uap->namelen) {
+		SESS_UNLOCK(p->p_session);
+		PROC_UNLOCK(p);
+		return (ERANGE);
+	}
 	bcopy(p->p_session->s_login, login, uap->namelen);
 	SESS_UNLOCK(p->p_session);
 	PROC_UNLOCK(p);
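
Review bot: the added ERANGE branch repeats the SESS_UNLOCK/PROC_UNLOCK pair that already follows the bcopy, so any later change to the locking has to be made in two places. Consider recording the result in a local error variable while the locks are held, skipping the bcopy when it is set, and returning after the single existing unlock pair. Separately, the bcopy below the new check still copies uap->namelen bytes rather than strlen(p->p_session->s_login) + 1, so when namelen is larger than the string the bytes after the terminator in s_login are copied into login as well; since the length is now computed under the lock, it could be kept in a local and used as the copy size.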


-- 
Eitan Adler


