On 01/20/2013 19:15, m...@freebsd.org wrote:
This would be fine for a local patch but it breaks existing (valid)
uses that have exactly 8191 bytes of data, so it wouldn't be suitable
for the main FreeBSD repository. Also, in general one wants to have
limits on syscalls that can force a kernel malloc of any size, as it
leads to denial of service attacks or crashes by requesting the kernel
over-allocate memory.
Both problems are easily fixable.
Current len range can be preserved by encoding this case into an 'inout'
parameter of _IOC instead. IOC_VOID is only used when no IOC_IN/IOC_OUT
is set, so all 3 bits would mean _IORWE.
And arbitrarily high parameter size can be explicitly limited in
sys_generic.c to IOCPARM_MAX.
Yuri
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
