git: nanosleep(2): Plug a memory disclosure and be POSIX-compliant
Aaron LI
aly at crater.dragonflybsd.org
Tue Jan 19 05:57:52 PST 2021
commit 19432bfaa9c3c4915d970c0189a2c852f968651b
Author: Aaron LI <aly at aaronly.me>
Date: Thu Jan 14 13:06:02 2021 +0800
nanosleep(2): Plug a memory disclosure and be POSIX-compliant

The nanosleep1() called by sys_nanosleep() would only update rmt on
EINTR, but it can also return other errors, such as EINVAL. And in that
case, sys_nanosleep() would update the user-space rmtp by copying
garbage from its stack frame. This is not only a kernel memory
disclosure, but also not POSIX-compliant.

Fix sys_nanosleep() to update rmtp only on EINTR. In addition, zero the
kernel rmt variable for double safety.

Obtained-from: FreeBSD (r315510)
Reviewed-by: dillon
Summary of changes:
sys/kern/kern_time.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/19432bfaa9c3c4915d970c0189a2c852f968651b
--
DragonFly BSD source repository
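The pattern the commit message describes, as an added user-space model in C; it is not the DragonFly source and not part of the original commit. The `model_*` functions, the `interrupted` flag and the 0xA5 fill (a constructed stand-in for stale kernel stack bytes) are assumptions made for illustration, and `memcpy` stands in for `copyout()`.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Hypothetical model of nanosleep1(): writes *rmt only when interrupted. */
static int model_nanosleep1(const struct timespec *rqt, struct timespec *rmt,
                            int interrupted)
{
    if (rqt->tv_nsec < 0 || rqt->tv_nsec >= 1000000000L)
        return EINVAL;              /* *rmt is left untouched on this path */
    if (!interrupted)
        return 0;
    *rmt = *rqt;                    /* model: the whole request remains */
    return EINTR;
}

/* Pre-fix pattern (hypothetical name): rmtp is written on any error. */
int model_sys_nanosleep_before(const struct timespec *rqt,
                               struct timespec *rmtp, int interrupted)
{
    struct timespec rmt;
    memset(&rmt, 0xA5, sizeof(rmt));    /* constructed stale stack bytes */
    int error = model_nanosleep1(rqt, &rmt, interrupted);
    if (error && rmtp)
        memcpy(rmtp, &rmt, sizeof(rmt));    /* stands in for copyout() */
    return error;
}

/* Post-fix pattern: rmt is zeroed and rmtp is written only on EINTR. */
int model_sys_nanosleep_after(const struct timespec *rqt,
                              struct timespec *rmtp, int interrupted)
{
    struct timespec rmt;
    memset(&rmt, 0, sizeof(rmt));       /* the "double safety" zeroing */
    int error = model_nanosleep1(rqt, &rmt, interrupted);
    if (error == EINTR && rmtp)
        memcpy(rmtp, &rmt, sizeof(rmt));
    return error;
}

int main(void)
{
    struct timespec bad = { .tv_sec = 0, .tv_nsec = -1 }, a = { 0 }, b = { 0 };
    model_sys_nanosleep_before(&bad, &a, 0);
    model_sys_nanosleep_after(&bad, &b, 0);
    printf("EINVAL: before tv_nsec=%#lx, after tv_nsec=%#lx\n",
           (unsigned long)a.tv_nsec, (unsigned long)b.tv_nsec);
    return 0;
}
```

Either change closes the leak in this model; the zeroing matters if a later edit reintroduces a copy-out on a path where the helper never wrote `rmt`.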