[haiku-commits] haiku: hrev54878 - src/system/kernel/posix

  • From: waddlesplash <waddlesplash@xxxxxxxxx>
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Sun, 10 Jan 2021 17:08:37 -0500 (EST)

hrev54878 adds 1 changeset to branch 'master'
old head: 7f9c675629bce77e811e6bf4dad38f0ea06a8bd5
new head: b181ea960ca3845d9d9b3baf0f87fcd353b8ece4
overview: 
https://git.haiku-os.org/haiku/log/?qt=range&q=b181ea960ca3+%5E7f9c675629bc

----------------------------------------------------------------------------

b181ea960ca3: xsi_semget: fix possible way to crash the kernel
  
  I don't know if the behavior makes sense, but anything is better than a
  kernel crash. The ticket is an example calling the syscall directly,
  so there is no user-oriented guarantee on how we behave here.
  
  Fixes #16741.
  
  Change-Id: I803596004d005c8c0e058c5422c4b0f7c78cfad8
  Reviewed-on: https://review.haiku-os.org/c/haiku/+/3623
  Reviewed-by: Rene Gollent <rene@xxxxxxxxxxx>

               [ Adrien Destugues <adrien.destugues@xxxxxxxxxxxxxxxxxxxxx> ]

----------------------------------------------------------------------------

Revision:    hrev54878
Commit:      b181ea960ca3845d9d9b3baf0f87fcd353b8ece4
URL:         https://git.haiku-os.org/haiku/commit/?id=b181ea960ca3
Author:      Adrien Destugues <adrien.destugues@xxxxxxxxxxxxxxxxxxxxx>
Date:        Sun Jan 10 19:30:58 2021 UTC
Committer:   waddlesplash <waddlesplash@xxxxxxxxx>
Commit-Date: Sun Jan 10 22:08:33 2021 UTC

Ticket:      https://dev.haiku-os.org/ticket/16741

----------------------------------------------------------------------------

1 file changed, 6 insertions(+), 1 deletion(-)
src/system/kernel/posix/xsi_semaphore.cpp | 7 ++++++-

----------------------------------------------------------------------------

diff --git a/src/system/kernel/posix/xsi_semaphore.cpp 
b/src/system/kernel/posix/xsi_semaphore.cpp
index a52028dc8c..24b47db5ab 100644
--- a/src/system/kernel/posix/xsi_semaphore.cpp
+++ b/src/system/kernel/posix/xsi_semaphore.cpp
@@ -771,7 +771,12 @@ _user_xsi_semget(key_t key, int numberOfSemaphores, int 
flags)
 
                        MutexLocker _(sXsiSemaphoreSetLock);
                        semaphoreSet = 
sSemaphoreHashTable.Lookup(semaphoreSetID);
-                       if (semaphoreSet == NULL || 
!semaphoreSet->HasPermission()) {
+                       if (semaphoreSet == NULL) {
+                               TRACE_ERROR(("xsi_semget: calling process has 
no semaphore, "
+                                       "key %d\n", (int)key));
+                               return EINVAL;
+                       }
+                       if (!semaphoreSet->HasPermission()) {
                                TRACE_ERROR(("xsi_semget: calling process has 
no permission "
                                        "on semaphore %d, key %d\n", 
semaphoreSet->ID(),
                                        (int)key));
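
Review bot: The new `semaphoreSet == NULL` branch returns EINVAL without a comment explaining when `sSemaphoreHashTable.Lookup(semaphoreSetID)` can come back empty at this point, and the commit message itself is unsure the behavior is right. A one-line comment above the check stating the case being handled and why EINVAL was chosen would help the next reader. The trace text "calling process has no semaphore" also reads like a permission or ownership problem rather than a failed lookup. Something like "no semaphore set found for key %d" would make it easier to tell apart from the permission message that follows. Splitting the condition is correct: in the old combined branch the TRACE_ERROR argument `semaphoreSet->ID()` was evaluated even when `semaphoreSet` was NULL.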

