https://bugs.kde.org/show_bug.cgi?id=501741
Mark Wielaard <m...@klomp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
             Status|REPORTED                    |CONFIRMED
                 CC|                            |m...@klomp.org

--- Comment #2 from Mark Wielaard <m...@klomp.org> ---

This looks mostly good. But there is a missing fd check in the PRE handler, and the POST handler shouldn't (re)check the fd, but mark the cstat as having been written.

cachestat takes an fd, cstat_range and flags, which are all checked in the PRE handler as being fully defined. And it will write out the cstat, which is being checked and prepared for writing by the kernel.

What is missing is checking the fd is valid in the PRE handler. You want to add something like:

    if (!ML_(fd_allowed)(ARG1, "cachestat", tid, False))
        SET_STATUS_Failure( VKI_EBADF );

In the POST handler the fd is checked again (*), but given this is an input, not an output, this isn't necessary. What is necessary is to mark the cstat struct as being defined now (by the kernel). You should do that with something like:

    POST_MEM_WRITE(ARG3, sizeof(struct vki_cachestat));

(*) The check for fd being allowed in the POST handler is doubly wrong. ARG1 isn't a pointer to the fd, but the fd itself. If you do want to dereference a pointer then you have to be extra careful. You want to make sure you can dereference the pointer using something like:

    if (ML_(safe_to_deref)((void*)ARG1, sizeof(Int))) { ... }
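The split the comment describes (PRE validates inputs including the fd, POST only marks the output as written) as an added, self-contained model; this is not Valgrind's code: the fd table, the byte-level "defined" map and the errno return value are assumed stand-ins for ML_(fd_allowed), PRE_MEM_READ/POST_MEM_WRITE and SET_STATUS_Failure, and pointers are modelled as offsets into a small client arena.

```c
/* Model of the cachestat PRE/POST wrapper logic. Not Valgrind code: the
 * helpers below are stand-ins (assumptions) for coregrind's machinery. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define VKI_EBADF  9
#define VKI_EFAULT 14
#define ARENA      256   /* size of the modelled client address space */

struct vki_cachestat_range { uint64_t off, len; };
struct vki_cachestat { uint64_t nr_cache, nr_dirty, nr_writeback,
                       nr_evicted, nr_recently_evicted; };

static bool fd_allowed[64];   /* which fds the client has open (stand-in) */
static bool defined[ARENA];   /* Memcheck-style definedness per byte     */

/* Stand-in for ML_(fd_allowed): the fd must be one the client may use. */
static bool fd_ok(long fd) { return fd >= 0 && fd < 64 && fd_allowed[fd]; }

/* Stand-in for PRE_MEM_READ: every byte of [p, p+n) must be defined. */
static bool mem_defined(size_t p, size_t n) {
    if (p + n > ARENA) return false;
    for (size_t i = 0; i < n; i++) if (!defined[p + i]) return false;
    return true;
}

/* Stand-in for POST_MEM_WRITE: the kernel filled [p, p+n), now defined. */
static void mem_written(size_t p, size_t n) {
    for (size_t i = 0; i < n && p + i < ARENA; i++) defined[p + i] = true;
}

/* PRE handler: checks inputs only. Returns 0 to let the syscall proceed,
 * or the errno the wrapper fails it with (SET_STATUS_Failure). */
int pre_cachestat(long fd, size_t range, size_t cstat, long flags) {
    (void)flags;                      /* passed by value, covered by PRE_REG_READ */
    if (!fd_ok(fd)) return VKI_EBADF; /* the check Comment #2 says is missing */
    if (!mem_defined(range, sizeof(struct vki_cachestat_range)))
        return VKI_EFAULT;            /* cstat_range is an input struct */
    if (cstat + sizeof(struct vki_cachestat) > ARENA)
        return VKI_EFAULT;            /* cstat must be addressable (PRE_MEM_WRITE) */
    return 0;
}

/* POST handler: runs only after success. It does not recheck the fd; it
 * just marks the output struct as written by the kernel. */
void post_cachestat(size_t cstat) {
    mem_written(cstat, sizeof(struct vki_cachestat));
}
```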