From def1382d5beecbd48eb0418c20faa7d9978cb5cf Mon Sep 17 00:00:00 2001 From: Kenneth R Westerback Date: Thu, 1 Jul 2010 17:31:23 +0000 Subject: Return EINVAL if the file position is greater than LONG_MAX, since otherwise truncation will occur on archs where LONG LONG and LONG are not the same. Noticed at n2k10. Error return suggested by deraadt@. ok beck@ millert@ deraadt@ guenther@ --- sys/kern/vfs_syscalls.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'sys') diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 85847b99685..16249419534 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.161 2010/06/29 17:13:59 tedu Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.162 2010/07/01 17:31:22 krw Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -2312,6 +2312,10 @@ sys_getdirentries(struct proc *p, void *v, register_t *retval) error = EBADF; goto bad; } + if (fp->f_offset > LONG_MAX) { + error = EINVAL; + goto bad; + } vp = (struct vnode *)fp->f_data; if (vp->v_type != VDIR) { error = EINVAL; -- cgit v1.2.3