diff options
| author |   deraadt <deraadt@openbsd.org> | 2019-06-15 15:28:55 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2019-06-15 15:28:55 +0000 |
| commit | df78be12e7f55e17aefb99b73e999afa35e8ad02 (patch) | |
| tree | 41906f7725f654583624b94a4fc90356846cbba9 | |
| parent | Fix previous commit and unbreak the tree. (diff) | |
| download | wireguard-openbsd-df78be12e7f55e17aefb99b73e999afa35e8ad02.tar.xz wireguard-openbsd-df78be12e7f55e17aefb99b73e999afa35e8ad02.zip | |
Have __realpath() do the pathname==NULL -> EINVAL check itself, eliminating
the need to do this in libc.
btw, it is unfortunate posix went this way, because converting a clearly
illegal condition to not be fatal but instead return an error which is
potentially not checked in the caller, is sadly a large component of the
runaway-train model that makes exploitation of software easy.. illegal
software should crash hard.
ok beck
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 31e270be2d0..407e7361888 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.317 2019/05/30 13:11:53 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.318 2019/06/15 15:28:55 deraadt Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -880,6 +880,9 @@ sys___realpath(struct proc *p, void *v, register_t *retval) size_t pathlen; int error = 0; + if (SCARG(uap, pathname) == NULL) + return (EINVAL); + pathname = pool_get(&namei_pool, PR_WAITOK); rpbuf = pool_get(&namei_pool, PR_WAITOK); |