Hi Andrew,

2018-01-08 8:37 GMT+01:00 Andrew Turner <and...@fubar.geek.nz>:
> Won’t this lead to a NULL pointer dereference on overflow? mallocarray can
> return NULL even with M_WAITOK.

Yes, it will, but an overflow shouldn't happen in the first place. ri_data_len is compared with UIO_MAXIOV a few lines above. Even if an overflow would happen, this would cause a kernel panic due to a NULL pointer dereference later on, which is likely easier to debug than some piece of code that overruns a buffer.

In this case, mallocarray() is preferred, because it makes it more obvious that we're allocating a buffer that is accessed as an array, as opposed to a single structure.

-- 
Ed Schouten <e...@nuxi.nl>
Nuxi, 's-Hertogenbosch, the Netherlands

svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
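
The pattern discussed in this exchange, as an added example that is not code from the commit or from either participant: a userland model of an overflow-checked array allocator, with a caller that bounds the element count first and still checks the result for NULL. `model_mallocarray`, `alloc_iov_array` and `MODEL_MAXIOV` are hypothetical names and values chosen for this sketch, not the kernel's.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/uio.h>   /* struct iovec */

/* Assumed bound for this sketch; stands in for the kernel's UIO_MAXIOV. */
#define MODEL_MAXIOV 1024

/* Userland model of an overflow-checked array allocator: returns NULL when
 * nmemb * size does not fit in size_t, instead of a too-short buffer. */
static void *model_mallocarray(size_t nmemb, size_t size)
{
    if (size != 0 && nmemb > SIZE_MAX / size)
        return NULL;
    return malloc(nmemb * size);
}

/* Hypothetical caller: validate the count, then still check the result.
 * Returns 0 on success, -1 for a rejected count, -2 if allocation failed. */
static int alloc_iov_array(size_t count, struct iovec **out)
{
    *out = NULL;
    if (count == 0 || count > MODEL_MAXIOV)
        return -1;
    *out = model_mallocarray(count, sizeof(struct iovec));
    return (*out == NULL) ? -2 : 0;
}

int main(void)
{
    struct iovec *iov;
    /* Constructed count whose byte size wraps around size_t. */
    size_t huge = SIZE_MAX / sizeof(struct iovec) + 1;

    printf("in-range count:  %d\n", alloc_iov_array(16, &iov));
    free(iov);
    printf("oversized count: %d\n", alloc_iov_array(huge, &iov));
    printf("raw overflow:    %s\n",
        model_mallocarray(huge, sizeof(struct iovec)) == NULL ?
        "NULL" : "buffer");
    return 0;
}
```
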