diff options
author | attilio <attilio@FreeBSD.org> | 2009-11-07 21:46:34 +0000 |
---|---|---|
committer | attilio <attilio@FreeBSD.org> | 2009-11-07 21:46:34 +0000 |
commit | 06748b5f7cdf5a1f930dff2fd21a9f7ddf3a1f7f (patch) | |
tree | bec4bbf7d3e58b86574d81e92739736930e6bbe5 /usr.bin | |
parent | 66c17d4f6c913d2431bb59d83982e98b92474671 (diff) | |
download | FreeBSD-src-06748b5f7cdf5a1f930dff2fd21a9f7ddf3a1f7f.zip FreeBSD-src-06748b5f7cdf5a1f930dff2fd21a9f7ddf3a1f7f.tar.gz |
Use a safety belt for cases where corrupted narg can be passed to the
ktrsyscall(). print_number() does decrement the number of arguments,
leading to infinite loops for negative values.
Reported by: Patrick Lamaiziere <patpr at davenulle dot org>,
Jonathan Pascal <jkpyvxmzsa at mailinator dot com>
Submitted by: jh
PR: bin/120055, kern/119564
MFC: 1 week
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/kdump/kdump.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/kdump/kdump.c b/usr.bin/kdump/kdump.c index 3d8b93a..60ce05f 100644 --- a/usr.bin/kdump/kdump.c +++ b/usr.bin/kdump/kdump.c @@ -799,7 +799,7 @@ ktrsyscall(struct ktr_syscall *ktr) narg--; } } - while (narg) { + while (narg > 0) { print_number(ip,narg,c); } (void)putchar(')'); |