diff options
| author | iedowse <iedowse@FreeBSD.org> | 2001-08-10 22:14:18 +0000 |
|---|---|---|
| committer | iedowse <iedowse@FreeBSD.org> | 2001-08-10 22:14:18 +0000 |
| commit | b3168db212d287445647379cbeccca9a5465426c (patch) | |
| tree | d5f2f288f3f2ffff27a1098615cf2ec1edba15a5 /sys/kern/vfs_syscalls.c | |
| parent | 68667358ad9981401ec98ef20204e4b1fe20d194 (diff) | |
| download | FreeBSD-src-b3168db212d287445647379cbeccca9a5465426c.zip FreeBSD-src-b3168db212d287445647379cbeccca9a5465426c.tar.gz | |
Arbitrarily limit to 64k the number of bytes that can be read at
a time using the ogetdirentries() compatibility syscall. This is a
hack to ensure that rediculous values don't get passed to MALLOC().
Reviewed by: kris
Diffstat (limited to 'sys/kern/vfs_syscalls.c')
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 35f9576..187727f 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -3059,6 +3059,9 @@ ogetdirentries(p, uap) int error, eofflag, readcnt; long loff; + /* XXX arbitrary sanity limit on `count'. */ + if (SCARG(uap, count) > 64 * 1024) + return (EINVAL); if ((error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) != 0) return (error); if ((fp->f_flag & FREAD) == 0) |
