[haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes

• From: waddlesplash <waddlesplash@xxxxxxxxx>
• To: haiku-commits@xxxxxxxxxxxxx
• Date: Wed, 10 Jan 2018 16:30:03 -0500

On Wed, Jan 10, 2018 at 4:15 PM, Ingo Weinhold <ingo_weinhold@xxxxxx> wrote:

On 10.01.2018 19:26, waddlesplash@xxxxxxxxx wrote:

(I just merged korli's changeset, none of this is actually my work. :)

149553d72721: packagefs: ReadAttribute with user_memcpy().

Nice catches!

While you're at it, the respective syscall kernel entries (_kern_read() and
friends) need to ensure that the supplied buffer is actually in userland.
Otherwise it is possibly to have syscalls write into kernel memory.

I took a quick look, and it seems _kern_read and friends go through
common_user_io, which does indeed check the addresses:
http://xref.plausible.coop/source/xref/haiku/src/system/kernel/fs/fd.cpp#712

So is that already done, then?

-waddlesplash

• Follow-Ups:
  • [haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes
    • From: Ingo Weinhold

• References:
  • [haiku-commits] haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes
    • From: waddlesplash
  • [haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes
    • From: Ingo Weinhold

Other related posts:

• » [haiku-commits] haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes- waddlesplash
• » [haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes- Ingo Weinhold
• » [haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes - waddlesplash
• » [haiku-commits] Re: haiku: hrev51743 - src/add-ons/kernel/file_systems/packagefs/nodes- Ingo Weinhold

1. Home
2. haiku-commits
3. Archive
4. 01-2018

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---