summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorMichael Shalayeff <mickey@cvs.openbsd.org>2004-02-13 00:05:53 +0000
committerMichael Shalayeff <mickey@cvs.openbsd.org>2004-02-13 00:05:53 +0000
commit3a164d18ff789eaf165d7d165ef3d6696956fdfc (patch)
tree3cd79a036c0fc09d85d15f298da9a2e115310347 /sys
parentfc2473780f61b4c9dd85d160e8f11a93c61cd1b6 (diff)
on sigreturn check cs and rflags for evilness; from i386
Diffstat (limited to 'sys')
-rw-r--r--sys/arch/amd64/amd64/machdep.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c
index bf82df6856a..7571f885d92 100644
--- a/sys/arch/amd64/amd64/machdep.c
+++ b/sys/arch/amd64/amd64/machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: machdep.c,v 1.3 2004/02/03 12:09:47 mickey Exp $ */
+/* $OpenBSD: machdep.c,v 1.4 2004/02/13 00:05:52 mickey Exp $ */
/* $NetBSD: machdep.c,v 1.3 2003/05/07 22:58:18 fvdl Exp $ */
/*-
@@ -684,6 +684,10 @@ sys_sigreturn(struct proc *p, void *v, register_t *retval)
if (copyin((caddr_t)scp, &ksc, sizeof ksc))
return (error);
+ if (((ksc.sc_rflags ^ tf->tf_rflags) & PSL_USERSTATIC) != 0 ||
+ !USERMODE(ksc.sc_cs, ksc.sc_eflags))
+ return (EINVAL);
+
ksc.sc_trapno = tf->tf_trapno;
ksc.sc_err = tf->tf_err;
bcopy(&ksc, tf, sizeof(*tf));