rwatson 2007-09-02 09:59:33 UTC
FreeBSD src repository
Modified files:
sys/kern kern_sysctl.c
Log:
In userland_sysctl(), call useracc() with the actual newlen value to be
used, rather than the one passed via 'req', which may not reflect a
rewrite. This call to useracc() is redundant to validation performed by
later copyin()/copyout() calls, so there isn't a security issue here,
but this could technically lead to excessive validation of addresses if
the length in newlen is shorter than req.newlen.
Approved by: re (kensmith)
Reviewed by: jhb
Submitted by: Constantine A. Murenin <[EMAIL PROTECTED]>
Sponsored by: Google Summer of Code 2007
Revision Changes Path
1.177 +1 -1 src/sys/kern/kern_sysctl.c
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
