From c7bd171a110dc759928d58a928869b7e355969c2 Mon Sep 17 00:00:00 2001 From: Ted Unangst Date: Wed, 5 May 2004 23:52:11 +0000 Subject: make sure uio_offset is a safe value, with suggestions from millert@ ok deraadt@ millert@ problem noticed by deprotect.com --- sys/miscfs/procfs/procfs_subr.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sys/miscfs/procfs/procfs_subr.c') diff --git a/sys/miscfs/procfs/procfs_subr.c b/sys/miscfs/procfs/procfs_subr.c index 38723b253b4..a7f9ff5f06f 100644 --- a/sys/miscfs/procfs/procfs_subr.c +++ b/sys/miscfs/procfs/procfs_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: procfs_subr.c,v 1.20 2003/08/11 10:08:04 mickey Exp $ */ +/* $OpenBSD: procfs_subr.c,v 1.21 2004/05/05 23:52:10 tedu Exp $ */ /* $NetBSD: procfs_subr.c,v 1.15 1996/02/12 15:01:42 christos Exp $ */ /* @@ -214,6 +214,8 @@ procfs_rw(v) /* Do not permit games to be played with init(8) */ if (p->p_pid == 1 && securelevel > 0 && uio->uio_rw == UIO_WRITE) return (EPERM); + if (uio->uio_offset < 0) + return (EINVAL); switch (pfs->pfs_type) { case Pnote: -- cgit v1.2.3