Where KASSERT fd < fdp->fd_nfiles should be?
Mariusz Zaborski
oshogbo at FreeBSD.org
Sat Feb 17 15:07:27 UTC 2018
Some time ago mjg@ had an idea to clean up the use of the fget_locked function in
the sys_capability. I implemented most of it and pjd@ accepted almost all
changes (with one suggestion which I didn't figure out what to do with).
In my patch I remove one KASSERT from the cap_ioctl_check:
int
cap_ioctl_check(struct filedesc *fdp, int fd, u_long cmd)
{
	u_long *cmds;
	ssize_t ncmds;
	long i;

	FILEDESC_LOCK_ASSERT(fdp);
	KASSERT(fd >= 0 && fd < fdp->fd_nfiles,
	    ("%s: invalid fd=%d", __func__, fd));

	ncmds = fdp->fd_ofiles[fd].fde_nioctls;
	if (ncmds == -1)
		return (0);

	cmds = fdp->fd_ofiles[fd].fde_ioctls;
	for (i = 0; i < ncmds; i++) {
		if (cmds[i] == cmd)
			return (0);
	}

	return (ENOTCAPABLE);
}
My question and problem is: do we need this KASSERT?
The fdget_locked checks if the fd is not larger than fd_lastfile.
But the code from fdinit suggests that fd_lastfile can be larger than fd_nfiles.
pjd@ suggested that it can go over the size of the fd_ofiles table array:
	while (fdp->fd_lastfile >= newfdp->fd_nfiles) {
		FILEDESC_SUNLOCK(fdp);
		fdgrowtable(newfdp, fdp->fd_lastfile + 1);
		FILEDESC_SLOCK(fdp);
	}
So the question is: do we need this assertion here, or should we maybe move it to
the fget_locked()/fdget_locked() functions?
Thanks,
--
Mariusz Zaborski
oshogbo//vx | http://oshogbo.vexillium.org
FreeBSD committer | https://freebsd.org
Software developer | http://wheelsystems.com
If it's not broken, let's fix it till it is!!1
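Added example, not from the mail and not FreeBSD kernel code: a userland model of the two bounds the question is about, showing that an fd which passes a check against fd_lastfile can still index past an fd_ofiles table of fd_nfiles entries, which is the case the KASSERT catches. The struct, the *_model functions, make_table and the ENOTCAPABLE fallback value are all constructed for the example; the KASSERT is modelled as an EBADF return so the out-of-table case is observable rather than a panic.

```c
/* Userland model of the question in the mail: does fdget_locked()'s check
 * against fd_lastfile imply fd < fd_nfiles? Added example, not FreeBSD code;
 * struct filedesc_model is a toy that borrows the kernel's field names. */
#include <errno.h>
#include <stdlib.h>

#ifndef ENOTCAPABLE
#define ENOTCAPABLE 93	/* FreeBSD's value, assumed here for non-FreeBSD hosts */
#endif

struct fdescent { long fde_nioctls; unsigned long *fde_ioctls; };
struct filedesc_model {
	struct fdescent *fd_ofiles;	/* table with fd_nfiles entries */
	int fd_nfiles, fd_lastfile;	/* table size; highest fd in use */
};
/* What fdget_locked() checks (per the mail) vs. what the KASSERT requires. */
int fd_in_lastfile_range(const struct filedesc_model *fdp, int fd)
{ return (fd >= 0 && fd <= fdp->fd_lastfile); }
int fd_in_table(const struct filedesc_model *fdp, int fd)
{ return (fd >= 0 && fd < fdp->fd_nfiles); }

/* cap_ioctl_check() with the KASSERT kept as a hard error (EBADF) so an fd
 * past the table is rejected instead of being read out of bounds. */
int cap_ioctl_check_model(const struct filedesc_model *fdp, int fd, unsigned long cmd)
{
	if (!fd_in_table(fdp, fd))
		return (EBADF);
	long ncmds = fdp->fd_ofiles[fd].fde_nioctls;
	if (ncmds == -1)	/* no ioctl restriction on this fd */
		return (0);
	for (long i = 0; i < ncmds; i++)
		if (fdp->fd_ofiles[fd].fde_ioctls[i] == cmd)
			return (0);
	return (ENOTCAPABLE);
}
/* Constructed table: nfiles slots, fd_lastfile chosen by the caller (possibly
 * past the table); slot `limited` allows only ioctl 0x1234, others are open. */
struct filedesc_model *make_table(int nfiles, int lastfile, int limited)
{
	static unsigned long allowed[] = { 0x1234 };
	struct filedesc_model *fdp = calloc(1, sizeof(*fdp));
	fdp->fd_ofiles = calloc(nfiles, sizeof(*fdp->fd_ofiles));
	fdp->fd_nfiles = nfiles;
	fdp->fd_lastfile = lastfile;
	for (int i = 0; i < nfiles; i++)
		fdp->fd_ofiles[i].fde_nioctls = -1;
	fdp->fd_ofiles[limited].fde_nioctls = 1;
	fdp->fd_ofiles[limited].fde_ioctls = allowed;
	return (fdp);
}
```

With a 20-entry table and fd_lastfile set to 25, fd 22 passes fd_in_lastfile_range but fails fd_in_table, so only the fd_nfiles bound prevents reading past fd_ofiles.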