This is a better version of this patch: http://lists.gnu.org/archive/html/bug-hurd/2013-12/msg00400.html
It uses strlen(), instead of reimplementing it. * device/chario.c: Include string.h. (char_write): New if statement. --- device/chario.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/device/chario.c b/device/chario.c index 91bd8e8..962e151 100644 --- a/device/chario.c +++ b/device/chario.c @@ -31,6 +31,8 @@ * Compatibility with old TTY device drivers. */ +#include <string.h> + #include <mach/kern_return.h> #include <mach/mig_errors.h> #include <mach/vm_param.h> @@ -268,6 +270,9 @@ io_return_t char_write( vm_map_copy_t copy = (vm_map_copy_t) data; kern_return_t kr; + if (strlen(data) != sizeof(struct vm_map_copy)) + return KERN_INVALID_ARGUMENT; + kr = vm_map_copyout(device_io_map, &addr, copy); if (kr != KERN_SUCCESS) return kr; -- 1.8.1.4