sysctl: Respect max length when handle a variable string
Needs ReviewPublic
Actions

Authored by zlei on Sat, Jan 18, 3:15 PM.

Details

Reviewers

kib
kaktus

Summary

sysctl_handle_string() may microoptimise and treat a variable string as a readonly one, but we should still respect the max length ( arg2 ) so that we will not read / write out of bounds. This is the API contract.

Fixes: 210176ad76ee sysctl(9): add CTLFLAG_NEEDGIANT flag

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

zlei created this revision.Sat, Jan 18, 3:15 PM

Herald added subscribers: olce, imp. · View Herald TranscriptSat, Jan 18, 3:15 PM

zlei requested review of this revision.Sat, Jan 18, 3:15 PM

@markj
You may be interested with this. Spotted this while hacking 284073 , in case the buf overflows ...

I think this change is right, but it took me a while to understand it: the point is to harden sysctl_handle_string() against unterminated strings, so I'd suggest explaining a bit further in the commit log message.

sys/kern/kern_sysctl.c
1914	These lines should be wrapped.

kib added inline comments.Sun, Jan 19, 3:38 AM

sys/kern/kern_sysctl.c
1914	In fact, nested assignment inside the ?: operator whines for the logic to be split. And since the same expression is repeated below, it might be reasonable to spent an effort to add a helper function there.

Revision Contents
Changeset List

Path

Size

sys/

kern/

kern_sysctl.c

13 lines

Diff 149498

View Options

sysctl: Respect max length when handle a variable stringNeeds ReviewPublicActions