svn commit: r316776 - head/sys/compat/linux

Thu, 13 Apr 2017 10:35:16 -0700 

Author: cem
Date: Thu Apr 13 17:34:51 2017
New Revision: 316776
URL: https://svnweb.freebsd.org/changeset/base/316776

Log:
  linux_ioctl: Refactor some v4l2 struct converters
  
  According to the C standard, it is invalid to copy beyond the end of an
  object, even if that object is obviously a member of a larger object (a
  struct, in this case).
  
  Appease the standard and Coverity by refactoring the copy in a
  straightforward way.  No functional change.
  
  Reported by:  Coverity (CWE-120)
  CIDs:         1007819, 1007820, 1007821, 1007822, 1009668, 1009669
  Security:     no (false positive detection)
  Sponsored by: Dell EMC Isilon

Modified:
  head/sys/compat/linux/linux_ioctl.c

Modified: head/sys/compat/linux/linux_ioctl.c
==============================================================================
--- head/sys/compat/linux/linux_ioctl.c Thu Apr 13 17:30:33 2017        
(r316775)
+++ head/sys/compat/linux/linux_ioctl.c Thu Apr 13 17:34:51 2017        
(r316776)
@@ -3185,7 +3185,12 @@ linux_to_bsd_v4l2_standard(struct l_v4l2
 {
        vstd->index = lvstd->index;
        vstd->id = lvstd->id;
-       memcpy(&vstd->name, &lvstd->name, sizeof(*lvstd) - offsetof(struct 
l_v4l2_standard, name));
+       CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name));
+       memcpy(vstd->name, lvstd->name, sizeof(vstd->name));
+       vstd->frameperiod = lvstd->frameperiod;
+       vstd->framelines = lvstd->framelines;
+       CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved));
+       memcpy(vstd->reserved, lvstd->reserved, sizeof(vstd->reserved));
        return (0);
 }
 
@@ -3194,7 +3199,12 @@ bsd_to_linux_v4l2_standard(struct v4l2_s
 {
        lvstd->index = vstd->index;
        lvstd->id = vstd->id;
-       memcpy(&lvstd->name, &vstd->name, sizeof(*lvstd) - offsetof(struct 
l_v4l2_standard, name));
+       CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name));
+       memcpy(lvstd->name, vstd->name, sizeof(lvstd->name));
+       lvstd->frameperiod = vstd->frameperiod;
+       lvstd->framelines = vstd->framelines;
+       CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved));
+       memcpy(lvstd->reserved, vstd->reserved, sizeof(lvstd->reserved));
        return (0);
 }
 
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to