diff options
| -rw-r--r-- | sys/compat/common/kern_info_09.c | 3 | ||||
| -rw-r--r-- | sys/compat/common/vfs_syscalls_43.c | 9 | ||||
| -rw-r--r-- | sys/compat/ibcs2/ibcs2_misc.c | 46 |
3 files changed, 35 insertions, 23 deletions
diff --git a/sys/compat/common/kern_info_09.c b/sys/compat/common/kern_info_09.c index e0e568c5186..9616e00260e 100644 --- a/sys/compat/common/kern_info_09.c +++ b/sys/compat/common/kern_info_09.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_info_09.c,v 1.3 1996/03/03 05:26:22 mickey Exp $ */ +/* $OpenBSD: kern_info_09.c,v 1.4 1997/10/06 14:56:36 csapuntz Exp $ */ /* $NetBSD: kern_info_09.c,v 1.5 1996/02/21 00:10:59 cgd Exp $ */ /* @@ -127,6 +127,7 @@ compat_09_sys_uname(p, v, retval) *dp++ = *cp; *dp = '\0'; strncpy(outsname.machine, MACHINE, sizeof(outsname.machine)); + return (copyout((caddr_t)&outsname, (caddr_t)SCARG(uap, name), sizeof(struct outsname))); } diff --git a/sys/compat/common/vfs_syscalls_43.c b/sys/compat/common/vfs_syscalls_43.c index 6984952a8a3..ac2415b893d 100644 --- a/sys/compat/common/vfs_syscalls_43.c +++ b/sys/compat/common/vfs_syscalls_43.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls_43.c,v 1.5 1997/06/06 22:19:18 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls_43.c,v 1.6 1997/10/06 14:56:58 csapuntz Exp $ */ /* $NetBSD: vfs_syscalls_43.c,v 1.4 1996/03/14 19:31:52 christos Exp $ */ /* @@ -387,7 +387,8 @@ unionread: auio.uio_segflg = UIO_USERSPACE; auio.uio_procp = p; auio.uio_resid = SCARG(uap, count); - VOP_LOCK(vp); + + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p); loff = auio.uio_offset = fp->f_offset; # if (BYTE_ORDER != LITTLE_ENDIAN) if (vp->v_mount->mnt_maxsymlinklen <= 0) { @@ -404,7 +405,7 @@ unionread: MALLOC(dirbuf, caddr_t, SCARG(uap, count), M_TEMP, M_WAITOK); kiov.iov_base = dirbuf; error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag, - (u_long *)0, 0); + 0, 0); fp->f_offset = kuio.uio_offset; if (error == 0) { readcnt = SCARG(uap, count) - kuio.uio_resid; @@ -440,7 +441,7 @@ unionread: } FREE(dirbuf, M_TEMP); } - VOP_UNLOCK(vp); + VOP_UNLOCK(vp, 0, p); if (error) return (error); if ((SCARG(uap, count) == auio.uio_resid) && diff --git a/sys/compat/ibcs2/ibcs2_misc.c b/sys/compat/ibcs2/ibcs2_misc.c index 5a670f21125..97f3ab14835 100644 --- a/sys/compat/ibcs2/ibcs2_misc.c +++ b/sys/compat/ibcs2/ibcs2_misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ibcs2_misc.c,v 1.10 1997/09/11 10:48:14 deraadt Exp $ */ +/* $OpenBSD: ibcs2_misc.c,v 1.11 1997/10/06 14:57:24 csapuntz Exp $ */ /* $NetBSD: ibcs2_misc.c,v 1.23 1997/01/15 01:37:49 perry Exp $ */ /* @@ -358,8 +358,8 @@ ibcs2_sys_getdents(p, v, retval) struct ibcs2_dirent idb; off_t off; /* true file offset */ int buflen, error, eofflag; - u_long *cookiebuf, *cookie; - int ncookies; + u_long *cookiebuf = NULL, *cookie; + int ncookies = 0; if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0) return (error); @@ -374,9 +374,7 @@ ibcs2_sys_getdents(p, v, retval) buflen = min(MAXBSIZE, SCARG(uap, nbytes)); buf = malloc(buflen, M_TEMP, M_WAITOK); - ncookies = buflen / 16; - cookiebuf = malloc(ncookies * sizeof(*cookiebuf), M_TEMP, M_WAITOK); - VOP_LOCK(vp); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p); off = fp->f_offset; again: aiov.iov_base = buf; @@ -392,11 +390,16 @@ again: * First we read into the malloc'ed buffer, then * we massage it into user space, one record at a time. */ - error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, cookiebuf, - ncookies); + error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, &ncookies, + &cookiebuf); if (error) goto out; + if (!error && !cookiebuf) { + error = EPERM; + goto out; + } + inp = buf; outp = SCARG(uap, buf); resid = SCARG(uap, nbytes); @@ -446,8 +449,9 @@ again: eof: *retval = SCARG(uap, nbytes) - resid; out: - VOP_UNLOCK(vp); - free(cookiebuf, M_TEMP); + VOP_UNLOCK(vp, 0, p); + if (cookiebuf) + free(cookiebuf, M_TEMP); free(buf, M_TEMP); return (error); } @@ -478,8 +482,8 @@ ibcs2_sys_read(p, v, retval) } idb; off_t off; /* true file offset */ int buflen, error, eofflag, size; - u_long *cookiebuf, *cookie; - int ncookies; + u_long *cookiebuf = NULL, *cookie; + int ncookies = 0; if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0) { if (error == EINVAL) @@ -495,9 +499,7 @@ ibcs2_sys_read(p, v, retval) DPRINTF(("ibcs2_read: read directory\n")); buflen = max(MAXBSIZE, SCARG(uap, nbytes)); buf = malloc(buflen, M_TEMP, M_WAITOK); - ncookies = buflen / 16; - cookiebuf = malloc(ncookies * sizeof(*cookiebuf), M_TEMP, M_WAITOK); - VOP_LOCK(vp); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p); off = fp->f_offset; again: aiov.iov_base = buf; @@ -513,10 +515,16 @@ again: * First we read into the malloc'ed buffer, then * we massage it into user space, one record at a time. */ - error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, cookiebuf, - ncookies); + error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, &ncookies, + &cookiebuf); if (error) goto out; + + if (!error && !cookiebuf) { + error = EPERM; + goto out; + } + inp = buf; outp = SCARG(uap, buf); resid = SCARG(uap, nbytes); @@ -565,7 +573,9 @@ again: eof: *retval = SCARG(uap, nbytes) - resid; out: - VOP_UNLOCK(vp); + VOP_UNLOCK(vp, 0, p); + if (cookiebuf) + free(cookiebuf, M_TEMP); free(buf, M_TEMP); return (error); } |