Increasing MAXLOGNAME from 17 to 33

Eitan Adler lists at eitanadler.com
Tue Nov 13 19:46:12 UTC 2012


On 13 November 2012 13:34, Baptiste Daroussin <bapt at freebsd.org> wrote:
> On Tue, Nov 13, 2012 at 01:50:34PM +0200, Konstantin Belousov wrote:
>
> After auditing base, it seems like this patch is enough
> http://people.freebsd.org/~bapt/maxlogname-33.diff

I'm not sure, but doesn't access to p->p_session need to be under a
lock?  Something like (although the duplicate unlocking code is
annoying):

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 53af793..8a97994 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -2081,6 +2081,11 @@ sys_getlogin(struct thread *td, struct
getlogin_args *uap)
 		uap->namelen = MAXLOGNAME;
 	PROC_LOCK(p);
 	SESS_LOCK(p->p_session);
+	if (strlen(p->p_session->s_login) + 1 > uap->namelen) {
+		SESS_UNLOCK(p->p_session);
+		PROC_UNLOCK(p);
+		return (ERANGE);
+	}
 	bcopy(p->p_session->s_login, login, uap->namelen);
 	SESS_UNLOCK(p->p_session);
 	PROC_UNLOCK(p);
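Review bot: the bcopy() that follows the new check still copies uap->namelen bytes rather than the length that was just measured, so when the login name is shorter than the caller's buffer, whatever sits after the terminator in s_login is copied into login as well. Consider keeping strlen(p->p_session->s_login) + 1 in a local variable and using it for both the comparison and the copy length. The same local would also let the function set an error value inside the if and fall through to the existing SESS_UNLOCK(p->p_session); PROC_UNLOCK(p); pair, which removes the duplicated unlock sequence and leaves a single exit path where the locks are released in one place.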


-- 
Eitan Adler

