From a9a8ba3d71317f7b24ad9e1ab0b23239e1057669 Mon Sep 17 00:00:00 2001 From: Ian Dowse Date: Fri, 10 Aug 2001 22:14:18 +0000 Subject: [PATCH] Arbitrarily limit to 64k the number of bytes that can be read at a time using the ogetdirentries() compatibility syscall. This is a hack to ensure that rediculous values don't get passed to MALLOC(). Reviewed by: kris --- sys/kern/vfs_extattr.c | 3 +++ sys/kern/vfs_syscalls.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c index 35f9576c42ec..187727f87b97 100644 --- a/sys/kern/vfs_extattr.c +++ b/sys/kern/vfs_extattr.c @@ -3059,6 +3059,9 @@ ogetdirentries(p, uap) int error, eofflag, readcnt; long loff; + /* XXX arbitrary sanity limit on `count'. */ + if (SCARG(uap, count) > 64 * 1024) + return (EINVAL); if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0) return (error); if ((fp->f_flag & FREAD) == 0) diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 35f9576c42ec..187727f87b97 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -3059,6 +3059,9 @@ ogetdirentries(p, uap) int error, eofflag, readcnt; long loff; + /* XXX arbitrary sanity limit on `count'. */ + if (SCARG(uap, count) > 64 * 1024) + return (EINVAL); if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0) return (error); if ((fp->f_flag & FREAD) == 0)