summaryrefslogtreecommitdiffstats
path: root/lib/libc/stdio
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libc/stdio')
-rw-r--r--lib/libc/stdio/fdopen.c12
-rw-r--r--lib/libc/stdio/fopen.c13
-rw-r--r--lib/libc/stdio/freopen.c14
3 files changed, 39 insertions, 0 deletions
diff --git a/lib/libc/stdio/fdopen.c b/lib/libc/stdio/fdopen.c
index c199871..02378ed 100644
--- a/lib/libc/stdio/fdopen.c
+++ b/lib/libc/stdio/fdopen.c
@@ -57,6 +57,18 @@ fdopen(fd, mode)
if (nofile == 0)
nofile = getdtablesize();
+ /*
+ * File descriptors are a full int, but _file is only a short.
+ * If we get a valid file descriptor that is greater than
+ * SHRT_MAX, then the fd will get sign-extended into an
+ * invalid file descriptor. Handle this case by failing the
+ * open.
+ */
+ if (fd > SHRT_MAX) {
+ errno = EMFILE;
+ return (NULL);
+ }
+
if ((flags = __sflags(mode, &oflags)) == 0)
return (NULL);
diff --git a/lib/libc/stdio/fopen.c b/lib/libc/stdio/fopen.c
index 9cedcda..a6c0028 100644
--- a/lib/libc/stdio/fopen.c
+++ b/lib/libc/stdio/fopen.c
@@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
+#include <unistd.h>
#include <stdio.h>
#include <errno.h>
#include "un-namespace.h"
@@ -63,6 +64,18 @@ fopen(file, mode)
fp->_flags = 0; /* release */
return (NULL);
}
+ /*
+ * File descriptors are a full int, but _file is only a short.
+ * If we get a valid file descriptor that is greater than
+ * SHRT_MAX, then the fd will get sign-extended into an
+ * invalid file descriptor. Handle this case by failing the
+ * open.
+ */
+ if (f > SHRT_MAX) {
+ _close(f);
+ errno = EMFILE;
+ return (NULL);
+ }
fp->_file = f;
fp->_flags = flags;
fp->_cookie = fp;
diff --git a/lib/libc/stdio/freopen.c b/lib/libc/stdio/freopen.c
index b5bc884..a566386 100644
--- a/lib/libc/stdio/freopen.c
+++ b/lib/libc/stdio/freopen.c
@@ -203,6 +203,20 @@ finish:
}
}
+ /*
+ * File descriptors are a full int, but _file is only a short.
+ * If we get a valid file descriptor that is greater than
+ * SHRT_MAX, then the fd will get sign-extended into an
+ * invalid file descriptor. Handle this case by failing the
+ * open.
+ */
+ if (f > SHRT_MAX) {
+ fp->_flags = 0; /* set it free */
+ FUNLOCKFILE(fp);
+ errno = EMFILE;
+ return (NULL);
+ }
+
fp->_flags = flags;
fp->_file = f;
fp->_cookie = fp;
OpenPOWER on IntegriCloud