ref: b09cd6786047e4572f98a7703992fe96e4312da7
parent: d275add1a89e77c69ef10bd6ed239b48c693bc42
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Thu Aug 6 07:48:51 EDT 2015
kernel: validnamedup() the name argument for segattach() this moves the name validation out of segattach() to syssegattach() to make sure the segment name cannot be changed by the user while segattach looks at it.
--- a/sys/src/9/port/segment.c
+++ b/sys/src/9/port/segment.c
@@ -604,9 +604,6 @@
if(va != 0 && va >= USTKTOP)
error(Ebadarg);
- validaddr((uintptr)name, 1, 0);
- vmemchr(name, 0, ~0);
-
for(sno = 0; sno < NSEG; sno++)
if(p->seg[sno] == nil && sno != ESEG)
break;
--- a/sys/src/9/port/sysproc.c
+++ b/sys/src/9/port/sysproc.c
@@ -775,7 +775,16 @@
name = va_arg(list, char*);
va = va_arg(list, uintptr);
len = va_arg(list, ulong);
- return segattach(up, attr, name, va, len);
+ validaddr((uintptr)name, 1, 0);
+ name = validnamedup(name, 1);
+ if(waserror()){+ free(name);
+ nexterror();
+ }
+ va = segattach(up, attr, name, va, len);
+ free(name);
+ poperror();
+ return va;
}
uintptr