mirror of
https://sourceware.org/git/glibc.git
synced 2025-07-28 00:21:52 +03:00
* sysdeps/gnu/bits/msq.h: Qualify kernel's
data structure pointers as __unbounded. * sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise. * sysdeps/generic/bp-semctl.h: New file. * sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure pointers as __unbounded. Check bounds of syscall args. * sysdeps/unix/sysv/linux/msgrcv.c: Likewise. * sysdeps/unix/sysv/linux/msgsnd.c: Likewise. * sysdeps/unix/sysv/linux/semctl.c: Likewise. * sysdeps/unix/sysv/linux/semop.c: Likewise. * sysdeps/unix/sysv/linux/shmat.c: Likewise. * sysdeps/unix/sysv/linux/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/shmdt.c: Likewise. * sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise. * sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/semctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise. 2000-07-26 Greg McGary <greg@mcgary.org> * sysdeps/gnu/bits/msq.h: Qualify kernel's data structure pointers as __unbounded. * sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise. * sysdeps/generic/bp-semctl.h: New file. * sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure pointers as __unbounded. Check bounds of syscall args. * sysdeps/unix/sysv/linux/msgrcv.c: Likewise. * sysdeps/unix/sysv/linux/msgsnd.c: Likewise. * sysdeps/unix/sysv/linux/semctl.c: Likewise. * sysdeps/unix/sysv/linux/semop.c: Likewise. * sysdeps/unix/sysv/linux/shmat.c: Likewise. * sysdeps/unix/sysv/linux/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/shmdt.c: Likewise. * sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise. * sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/semctl.c: Likewise. * sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise.
This commit is contained in:
Greg McGary
@ -25,19 +25,20 @@
|
||||
#include <string.h>
|
||||
#include <sys/syscall.h>
|
||||
#include <shlib-compat.h>
|
||||
#include <bp-checks.h>
|
||||
|
||||
#include "kernel-features.h"
|
||||
|
||||
struct __old_msqid_ds
|
||||
{
|
||||
struct __old_ipc_perm msg_perm; /* structure describing operation permission */
|
||||
struct msg *__msg_first; /* pointer to first message on queue */
|
||||
struct msg *__msg_last; /* pointer to last message on queue */
|
||||
struct msg *__unbounded __msg_first; /* pointer to first message on queue */
|
||||
struct msg *__unbounded __msg_last; /* pointer to last message on queue */
|
||||
__time_t msg_stime; /* time of last msgsnd command */
|
||||
__time_t msg_rtime; /* time of last msgrcv command */
|
||||
__time_t msg_ctime; /* time of last change */
|
||||
struct wait_queue *__wwait; /* ??? */
|
||||
struct wait_queue *__rwait; /* ??? */
|
||||
struct wait_queue *__unbounded __wwait; /* ??? */
|
||||
struct wait_queue *__unbounded __rwait; /* ??? */
|
||||
unsigned short int __msg_cbytes; /* current number of bytes on queue */
|
||||
unsigned short int msg_qnum; /* number of messages currently on queue */
|
||||
unsigned short int msg_qbytes; /* max number of bytes allowed on queue */
|
||||
@ -56,7 +57,7 @@ int __new_msgctl (int, int, struct msqid_ds *);
|
||||
int
|
||||
__old_msgctl (int msqid, int cmd, struct __old_msqid_ds *buf)
|
||||
{
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, CHECK_1 (buf));
|
||||
}
|
||||
compat_symbol (libc, __old_msgctl, msgctl, GLIBC_2_0);
|
||||
#endif
|
||||
@ -65,7 +66,8 @@ int
|
||||
__new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
|
||||
{
|
||||
#if __ASSUME_32BITUIDS > 0
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
|
||||
msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
|
||||
#else
|
||||
switch (cmd) {
|
||||
case MSG_STAT:
|
||||
@ -73,7 +75,8 @@ __new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
|
||||
case IPC_SET:
|
||||
break;
|
||||
default:
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
|
||||
return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
|
||||
msqid, cmd, 0, CHECK_1 (buf));
|
||||
}
|
||||
|
||||
{
|
||||
@ -82,7 +85,8 @@ __new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
|
||||
|
||||
/* Unfortunately there is no way how to find out for sure whether
|
||||
we should use old or new msgctl. */
|
||||
result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
|
||||
result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
|
||||
msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
|
||||
if (result != -1 || errno != EINVAL)
|
||||
return result;
|
||||
|
||||
@ -101,7 +105,8 @@ __new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, &old);
|
||||
result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
|
||||
msqid, cmd, 0, __ptrvalue (&old));
|
||||
if (result != -1 && cmd != IPC_SET)
|
||||
{
|
||||
memset(buf, 0, sizeof(*buf));
|
||||
|
||||
Reference in New Issue
Block a user