authorThomas Nordin <nordin@cvs.openbsd.org>2002-10-02 21:56:31 +0000
committerThomas Nordin <nordin@cvs.openbsd.org>2002-10-02 21:56:31 +0000
commitb19b658661d584209ec995f802e89d142d43ef87 (patch)
treead6e73ee751876a41f6459a90fa86d931fe6ee86
parent3f6c5770d0c5a979e833cede29ddd5b9dd607857 (diff)
Check for negative values. Inspiration from tedu <grendel@zeitbombe.org>.
ok deraadt@ and art@
-rw-r--r--sys/kern/kern_resource.c6
-rw-r--r--sys/kern/vfs_syscalls.c6
2 files changed, 7 insertions, 5 deletions
diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c
index 7a46034050b..2255546af14 100644
--- a/sys/kern/kern_resource.c
+++ b/sys/kern/kern_resource.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_resource.c,v 1.19 2002/07/21 21:29:33 art Exp $ */
+/* $OpenBSD: kern_resource.c,v 1.20 2002/10/02 21:56:30 nordin Exp $ */
/* $NetBSD: kern_resource.c,v 1.38 1996/10/23 07:19:38 matthias Exp $ */
/*-
@@ -324,11 +324,11 @@ sys_getrlimit(p, v, retval)
register_t *retval;
{
register struct sys_getrlimit_args /* {
- syscallarg(u_int) which;
+ syscallarg(int) which;
syscallarg(struct rlimit *) rlp;
} */ *uap = v;
- if (SCARG(uap, which) >= RLIM_NLIMITS)
+ if (SCARG(uap, which) < 0 || SCARG(uap, which) >= RLIM_NLIMITS)
return (EINVAL);
return (copyout((caddr_t)&p->p_rlimit[SCARG(uap, which)],
(caddr_t)SCARG(uap, rlp), sizeof (struct rlimit)));
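Review bot: The added `SCARG(uap, which) < 0` test in sys_getrlimit only has an effect if `which` is really signed, and the struct edited in this hunk is a comment. The actual argument type comes from the syscall argument declarations, which are not among the two files this commit touches, so it is worth confirming that the real declaration is `int`. If it were still `u_int`, the new comparison would always be false, and the old `>= RLIM_NLIMITS` test alone would already bound the index into `p->p_rlimit[]`. The same question applies to `count` in the sys_getdirentries hunks of vfs_syscalls.c. The function's signature begins above this hunk.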
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index b0998985e7c..0693c5f1644 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_syscalls.c,v 1.97 2002/08/23 15:39:31 art Exp $ */
+/* $OpenBSD: vfs_syscalls.c,v 1.98 2002/10/02 21:56:30 nordin Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */
/*
@@ -2494,7 +2494,7 @@ sys_getdirentries(p, v, retval)
struct sys_getdirentries_args /* {
syscallarg(int) fd;
syscallarg(char *) buf;
- syscallarg(u_int) count;
+ syscallarg(int) count;
syscallarg(long *) basep;
} */ *uap = v;
struct vnode *vp;
@@ -2504,6 +2504,8 @@ sys_getdirentries(p, v, retval)
long loff;
int error, eofflag;
+ if (SCARG(uap, count) < 0)
+ return EINVAL;
if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0)
return (error);
if ((fp->f_flag & FREAD) == 0) {
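Review bot: The added `return EINVAL;` omits the parentheses that the neighbouring returns use (`return (error);` two lines below, and `return (EINVAL);` in the kern_resource.c hunk); `return (EINVAL);` would keep the file's style consistent. Placing the check ahead of getvnode() looks right, since the early return happens before `fp` is obtained and so has nothing to release. A short comment such as `/* count is signed; reject negative lengths before use */` would record why the test exists, because the code that consumes `count` lies outside this hunk. sys_getdirentries begins before and continues past the visible lines.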