summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbluhm <bluhm@openbsd.org>2017-04-27 21:39:27 +0000
committerbluhm <bluhm@openbsd.org>2017-04-27 21:39:27 +0000
commit7f66a4077be71b605204accda37ba68b91754fdd (patch)
tree3ae94fc1aba1db3fc3abd6fcbda39c9ef404034d
parentChange len arg of getidle() from size_t to int since it is used as (diff)
downloadwireguard-openbsd-7f66a4077be71b605204accda37ba68b91754fdd.tar.xz
wireguard-openbsd-7f66a4077be71b605204accda37ba68b91754fdd.zip
Enforce that sysctl kern.somaxconn and sominconn can only be set
to valid values. The so_qlimit is type short. report Dillon Jay Pena; OK deraadt@
Diffstat
-rw-r--r--sys/kern/kern_sysctl.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
index d08767d14bc..807a35fe75c 100644
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sysctl.c,v 1.324 2017/04/05 04:15:44 guenther Exp $ */
+/* $OpenBSD: kern_sysctl.c,v 1.325 2017/04/27 21:39:27 bluhm Exp $ */
/* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */
/*-
@@ -431,10 +431,26 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
return (sysctl_int(oldp, oldlenp, newp, newlen, &maxthread));
case KERN_NTHREADS:
return (sysctl_rdint(oldp, oldlenp, newp, nthreads));
- case KERN_SOMAXCONN:
- return (sysctl_int(oldp, oldlenp, newp, newlen, &somaxconn));
- case KERN_SOMINCONN:
- return (sysctl_int(oldp, oldlenp, newp, newlen, &sominconn));
+ case KERN_SOMAXCONN: {
+ int val = somaxconn;
+ error = sysctl_int(oldp, oldlenp, newp, newlen, &val);
+ if (error)
+ return error;
+ if (val < 0 || val > SHRT_MAX)
+ return EINVAL;
+ somaxconn = val;
+ return 0;
+ }
+ case KERN_SOMINCONN: {
+ int val = sominconn;
+ error = sysctl_int(oldp, oldlenp, newp, newlen, &val);
+ if (error)
+ return error;
+ if (val < 0 || val > SHRT_MAX)
+ return EINVAL;
+ sominconn = val;
+ return 0;
+ }
case KERN_NOSUIDCOREDUMP:
return (sysctl_int(oldp, oldlenp, newp, newlen, &nosuidcoredump));
case KERN_FSYNC:
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.