aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJacques Vidrine <nectar@FreeBSD.org>2003-08-10 23:35:21 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2003-08-10 23:35:21 +0000
commit1ef66c88baa1bff418f897dfe707e8b7e5101b4e (patch)
tree518a27f1b9a26c6f334b92f97848e9c0c8019de7
parent117af7c676b7dc9ab4ca7e8ae9d0316d4d9c8aec (diff)
downloadsrc-1ef66c88baa1bff418f897dfe707e8b7e5101b4e.tar.gz
src-1ef66c88baa1bff418f897dfe707e8b7e5101b4e.zip
MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
Notes
Notes: svn path=/releng/4.6/; revision=118755
-rw-r--r--UPDATING3
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--sys/i386/ibcs2/ibcs2_stat.c4
3 files changed, 8 insertions, 1 deletions
diff --git a/UPDATING b/UPDATING
index 12e9e3c8ea46..8c53421719cd 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20030810: p16 FreeBSD-SA-03:10.iBCS2
+ iBCS2 system call translator for statfs leaked information.
+
20030810: p15 FreeBSD-SA-03:09.signal
Repair range-checking errors in signal handling.
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 227a15be57c5..efca2100adab 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.6.2"
-BRANCH="RELEASE-p15"
+BRANCH="RELEASE-p16"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"
diff --git a/sys/i386/ibcs2/ibcs2_stat.c b/sys/i386/ibcs2/ibcs2_stat.c
index 863e6e0b7d99..eb3bcb188a09 100644
--- a/sys/i386/ibcs2/ibcs2_stat.c
+++ b/sys/i386/ibcs2/ibcs2_stat.c
@@ -82,6 +82,10 @@ cvt_statfs(sp, buf, len)
{
struct ibcs2_statfs ssfs;
+ if (len < 0)
+ return (EINVAL);
+ else if (len > sizeof(ssfs))
+ len = sizeof(ssfs);
bzero(&ssfs, sizeof ssfs);
ssfs.f_fstyp = 0;
ssfs.f_bsize = sp->f_bsize;