MFamd64: Check for invalid flags in the machine context in sigreturn()

and setcontext().
author: jhb <jhb@FreeBSD.org> 2014-11-25 12:52:00 +0000
committer: jhb <jhb@FreeBSD.org> 2014-11-25 12:52:00 +0000
commit: b4b910ded70b9e996dde0eea2f053e19fed24b9c (patch)
tree: 56c3e39cdb345c66dcf6af7ad3e20d25b29d0465
parent: 93ca893a240d8c5f679aec9222514f3389cdf212 (diff)
download: FreeBSD-src-b4b910ded70b9e996dde0eea2f053e19fed24b9c.zip
FreeBSD-src-b4b910ded70b9e996dde0eea2f053e19fed24b9c.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/i386/i386/machdep.c b/sys/i386/i386/machdep.c
index c3af9f6..751e732 100644
--- a/sys/i386/i386/machdep.c
+++ b/sys/i386/i386/machdep.c
@@ -1060,6 +1060,11 @@ sys_sigreturn(td, uap)
 	if (error != 0)
 		return (error);
 	ucp = &uc;
+	if ((ucp->uc_mcontext.mc_flags & ~_MC_FLAG_MASK) != 0) {
+		uprintf("pid %d (%s): sigreturn mc_flags %x\n", p->p_pid,
+		    td->td_name, ucp->uc_mcontext.mc_flags);
+		return (EINVAL);
+	}
 	regs = td->td_frame;
 	eflags = ucp->uc_mcontext.mc_eflags;
 	if (eflags & PSL_VM) {
@@ -3858,7 +3863,8 @@ set_mcontext(struct thread *td, const mcontext_t *mcp)
 	int eflags, ret;
 
 	tp = td->td_frame;
-	if (mcp->mc_len != sizeof(*mcp))
+	if (mcp->mc_len != sizeof(*mcp) ||
+	    (mcp->mc_flags & ~_MC_FLAG_MASK) != 0)
 		return (EINVAL);
 	eflags = (mcp->mc_eflags & PSL_USERCHANGE) |
 	    (tp->tf_eflags & ~PSL_USERCHANGE);
author	jhb <jhb@FreeBSD.org>	2014-11-25 12:52:00 +0000
committer	jhb <jhb@FreeBSD.org>	2014-11-25 12:52:00 +0000
commit	b4b910ded70b9e996dde0eea2f053e19fed24b9c (patch)
tree	56c3e39cdb345c66dcf6af7ad3e20d25b29d0465
parent	93ca893a240d8c5f679aec9222514f3389cdf212 (diff)
download	FreeBSD-src-b4b910ded70b9e996dde0eea2f053e19fed24b9c.zip FreeBSD-src-b4b910ded70b9e996dde0eea2f053e19fed24b9c.tar.gz