Differential D23694

sysv_sem: fix the loop that compacts sem array on semaphores removal.
ClosedPublic
Actions

Authored by kib on Feb 15 2020, 11:11 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Dec 17 2023, 5:53 AM

	Unknown Object (File)
	Sep 7 2023, 3:06 AM

	Unknown Object (File)
	Sep 7 2023, 3:04 AM

	Unknown Object (File)
	Sep 1 2023, 6:50 PM

	Unknown Object (File)
	Sep 1 2023, 6:32 PM

	Unknown Object (File)
	Jun 30 2023, 9:01 AM

	Unknown Object (File)
	Jun 27 2023, 6:36 PM

	Unknown Object (File)
	Jun 27 2023, 6:34 PM

View All 12 Files

Subscribers

Details

Reviewers

Commits

rS357984: sem_remove(): fix the loop that compacts sem array on semaphores removal.
rS357983: sem_remove(): add some asserts.
rS357982: Use designated initializers for seminfo.

Summary

As written now, it copies random kernel memory from beyond the bounds of the array.

While there, use designated initialisers for seminfo, and add assert in sem_remove() that sema is sane. [These will be separate commits].

Reported and tested by: pho

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kib created this revision.Feb 15 2020, 11:11 AM

Herald added a subscriber: imp. · View Herald TranscriptFeb 15 2020, 11:11 AM

Harbormaster completed remote builds in B29398: Diff 68350.Feb 15 2020, 11:11 AM

kib added a subscriber: pho.Feb 15 2020, 11:11 AM

markj accepted this revision.Feb 15 2020, 10:31 PM

This revision is now accepted and ready to land.Feb 15 2020, 10:31 PM

Closed by commit rS357982: Use designated initializers for seminfo. (authored by kib). · Explain WhyFeb 15 2020, 11:15 PM

This revision was automatically updated to reflect the committed changes.

kib added a commit: rS357982: Use designated initializers for seminfo..

kib added a commit: rS357983: sem_remove(): add some asserts..Feb 15 2020, 11:18 PM

kib added a commit: rS357984: sem_remove(): fix the loop that compacts sem array on semaphores removal..

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

18 lines

Diff 68378

head/sys/kern/sysv_sem.c

Loading...