Module Name: src
Committed By: pooka
Date: Tue Nov 9 20:55:14 UTC 2010
Modified Files:
src/sys/rump/librump/rumpkern: rumpcopy.c
Log Message:
Fix off-by-one in the rpc path of copyinstr()
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/sys/rump/librump/rumpkern/rumpcopy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/rump/librump/rumpkern/rumpcopy.c
diff -u src/sys/rump/librump/rumpkern/rumpcopy.c:1.8 src/sys/rump/librump/rumpkern/rumpcopy.c:1.9
--- src/sys/rump/librump/rumpkern/rumpcopy.c:1.8 Tue Nov 9 15:22:47 2010
+++ src/sys/rump/librump/rumpkern/rumpcopy.c Tue Nov 9 20:55:14 2010
@@ -1,4 +1,4 @@
-/* $NetBSD: rumpcopy.c,v 1.8 2010/11/09 15:22:47 pooka Exp $ */
+/* $NetBSD: rumpcopy.c,v 1.9 2010/11/09 20:55:14 pooka Exp $ */
/*
* Copyright (c) 2009 Antti Kantee. All Rights Reserved.
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.8 2010/11/09 15:22:47 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.9 2010/11/09 20:55:14 pooka Exp $");
#include <sys/param.h>
#include <sys/lwp.h>
@@ -103,14 +103,17 @@
uint8_t *to;
int rv;
+ if (len == 0)
+ return 0;
+
if (curproc->p_vmspace == &vmspace0)
return copystr(uaddr, kaddr, len, done);
if ((rv = rumpuser_sp_copyin(uaddr, kaddr, len)) != 0)
return rv;
- /* figure out if we got a terminate string or not */
- to = (uint8_t *)kaddr + len;
+ /* figure out if we got a terminated string or not */
+ to = (uint8_t *)kaddr + (len-1);
while (to != kaddr) {
if (*to == 0)
goto found;
