> Hi hackers,
> I realize that this isn't 100% userland code, so the checks should
> be minimalized, but when looking at the ioctl(2) syscall code (at
> least I think it is... there's another dupe hanging around in
> sys/dev/hptmv/ioctl.c), I had some questions related to the error
> handling not being done in the code:
>
>         if (size > 0) {
>                 if (com & IOC_VOID) {
>                         /* Integer argument. */
>                         arg = (intptr_t)uap->data;
>                         data = (void *)&arg;
>                         size = 0;
>                 } else
>                         data = malloc((u_long)size, M_IOCTLOPS,
>                             M_WAITOK); /* XXX: can fail -- do we care? */

malloc(9) with M_WAITOK cannot return NULL. So the rest of your XXX comments are not at issue. Also, free(9) is documented to do the right thing when asked to free(NULL).

copyin/copyout are really just bcopy but unlike most kernel code they are allowed to take a page fault. They deal with this by setting a function pointer in PCB_ONFAULT, which is used in trap() to set a return instruction pointer.

Cheers,
matthew
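
A userland analogue of the PCB_ONFAULT mechanism described in the reply above, added as an example and not code from FreeBSD or from either poster: a signal handler stands in for trap(), and sigsetjmp/siglongjmp stand in for the redirected return instruction pointer. The names `onfault`, `fault_env`, `copy_checked` and `demo` are assumptions made for the illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* exposes MAP_ANONYMOUS and sigsetjmp under strict -std */
#endif
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
/* Stand-in for the per-thread PCB_ONFAULT slot (name is an assumption). */
static sigjmp_buf *volatile onfault;
static sigjmp_buf fault_env;

/* Plays the role of trap(): resume at the registered recovery point, if any. */
static void fault_handler(int sig) {
    if (onfault != NULL)
        siglongjmp(*onfault, 1);
    signal(sig, SIG_DFL);   /* nothing registered: the fault stays fatal */
}

/* copyin-like byte copy: returns EFAULT on a bad address instead of crashing. */
int copy_checked(const void *src, void *dst, size_t len) {
    const volatile unsigned char *s = src;
    unsigned char *d = dst;
    struct sigaction sa;
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = fault_handler;
    sigaction(SIGSEGV, &sa, NULL);
    sigaction(SIGBUS, &sa, NULL);
    if (sigsetjmp(fault_env, 1) != 0) {   /* re-entered from fault_handler */
        onfault = NULL;
        return EFAULT;
    }
    onfault = &fault_env;                 /* arm, like setting PCB_ONFAULT */
    for (size_t i = 0; i < len; i++)
        d[i] = s[i];
    onfault = NULL;                       /* disarm on the normal path */
    return 0;
}

/* Constructed inputs: a readable buffer, or an inaccessible PROT_NONE page. */
int demo(int bad) {
    char in[8] = "ioctl", out[8];
    void *page = mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    int rc = copy_checked(bad ? page : (void *)in, out, sizeof(out));
    munmap(page, 4096);
    return (rc == 0 && memcmp(in, out, sizeof(in)) != 0) ? -1 : rc;
}
int main(void) { return !(demo(0) == 0 && demo(1) == EFAULT); }
```

The caller sees only a return code, which is why ioctl(2) can check the result of copyin/copyout rather than validate the user pointer in advance.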