From a4ebdea5126b886a5c74cdced3074bb1dad44dd4 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Wed, 10 Feb 1999 08:01:53 +0000 Subject: strncpy; edx trashing solution in sys_pipe(); freebsd --- sys/compat/linux/linux_misc.c | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) (limited to 'sys/compat/linux/linux_misc.c') diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c index b728b758d24..e6898adf982 100644 --- a/sys/compat/linux/linux_misc.c +++ b/sys/compat/linux/linux_misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: linux_misc.c,v 1.19 1999/02/10 00:16:12 niklas Exp $ */ +/* $OpenBSD: linux_misc.c,v 1.20 1999/02/10 08:01:52 deraadt Exp $ */ /* $NetBSD: linux_misc.c,v 1.27 1996/05/20 01:59:21 fvdl Exp $ */ /* @@ -391,12 +391,18 @@ linux_sys_uname(p, v, retval) int len; char *cp; - strncpy(luts.l_sysname, ostype, sizeof(luts.l_sysname)); - strncpy(luts.l_nodename, hostname, sizeof(luts.l_nodename)); - strncpy(luts.l_release, osrelease, sizeof(luts.l_release)); - strncpy(luts.l_version, version, sizeof(luts.l_version)); - strncpy(luts.l_machine, machine, sizeof(luts.l_machine)); - strncpy(luts.l_domainname, domainname, sizeof(luts.l_domainname)); + strncpy(luts.l_sysname, ostype, sizeof(luts.l_sysname) - 1); + luts.l_sysname[sizeof(luts.l_sysname) - 1] = '\0'; + strncpy(luts.l_nodename, hostname, sizeof(luts.l_nodename) - 1); + luts.l_nodename[sizeof(luts.l_nodename) - 1] = '\0'; + strncpy(luts.l_release, osrelease, sizeof(luts.l_release) - 1); + luts.l_release[sizeof(luts.l_release) - 1] = '\0'; + strncpy(luts.l_version, version, sizeof(luts.l_version) - 1); + luts.l_version[sizeof(luts.l_version) - 1] = '\0'; + strncpy(luts.l_machine, machine, sizeof(luts.l_machine) - 1); + luts.l_machine[sizeof(luts.l_machine) - 1] = '\0'; + strncpy(luts.l_domainname, domainname, sizeof(luts.l_domainname) - 1); + luts.l_domainname[sizeof(luts.l_domainname) - 1] = '\0'; /* This part taken from the the uname() in libc */ len = sizeof(luts.l_version); @@ -611,16 +617,30 @@ linux_sys_pipe(p, v, retval) syscallarg(int *) pfds; } */ *uap = v; int error; - - if ((error = sys_pipe(p, 0, retval))) +#ifdef __i386__ + int reg_edx = retval[1]; +#endif /* __i386__ */ + + if ((error = sys_pipe(p, 0, retval))) { +#ifdef __i386__ + retval[1] = reg_edx; +#endif /* __i386__ */ return error; + } /* Assumes register_t is an int */ - if ((error = copyout(retval, SCARG(uap, pfds), 2 * sizeof (int)))) + if ((error = copyout(retval, SCARG(uap, pfds), 2 * sizeof (int)))) { +#ifdef __i386__ + retval[1] = reg_edx; +#endif /* __i386__ */ return error; + } retval[0] = 0; +#ifdef __i386__ + retval[1] = reg_edx; +#endif /* __i386__ */ return 0; } @@ -883,7 +903,8 @@ again: idb.d_off = (linux_off_t)off; idb.d_reclen = (u_short)linux_reclen; } - strcpy(idb.d_name, bdp->d_name); + strncpy(idb.d_name, bdp->d_name, sizeof(idb.d_name) - 1); + idb.d_name[sizeof(idb.d_name) - 1] = '\0'; if ((error = copyout((caddr_t)&idb, outp, linux_reclen))) goto out; /* advance past this real entry */ -- cgit v1.2.3