Author: avg Date: Mon Jul 23 16:56:49 2018 New Revision: 336641 URL: https://svnweb.freebsd.org/changeset/base/336641
Log: fix incorrect operator in the AUDITPIPE_SET_QLIMIT bounds check PR: 229983 Submitted by: Aniket Pandey <anik...@iitk.ac.in> Reported by: Aniket Pandey <anik...@iitk.ac.in> MFC after: 1 week Modified: head/sys/security/audit/audit_pipe.c Modified: head/sys/security/audit/audit_pipe.c ============================================================================== --- head/sys/security/audit/audit_pipe.c Mon Jul 23 16:11:03 2018 (r336640) +++ head/sys/security/audit/audit_pipe.c Mon Jul 23 16:56:49 2018 (r336641) @@ -756,7 +756,7 @@ audit_pipe_ioctl(struct cdev *dev, u_long cmd, caddr_t case AUDITPIPE_SET_QLIMIT: /* Lockless integer write. */ - if (*(u_int *)data >= AUDIT_PIPE_QLIMIT_MIN || + if (*(u_int *)data >= AUDIT_PIPE_QLIMIT_MIN && *(u_int *)data <= AUDIT_PIPE_QLIMIT_MAX) { ap->ap_qlimit = *(u_int *)data; error = 0; _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"