svn commit: r327684 - in head/sys/compat: cloudabi32 cloudabi64
Ed Schouten
ed at nuxi.nl
Mon Jan 8 15:14:14 UTC 2018
Hi Andrew,
2018-01-08 8:37 GMT+01:00 Andrew Turner <andrew at fubar.geek.nz>:
> Won’t this lead to a NULL pointer dereference on overflow? mallocarray can return NULL even with M_WAITOK.
Yes, it will, but an overflow shouldn't happen in the first place.
ri_data_len is compared with UIO_MAXIOV a few lines above. Even if an
overflow would happen, this would cause a kernel panic due to a NULL
pointer dereference later on, which is likely easier to debug than
some piece of code that overruns a buffer.
In this case, mallocarray() is preferred, because it makes it more
obvious that we're allocating a buffer that is accessed as an array,
as opposed to a single structure.
--
Ed Schouten <ed at nuxi.nl>
Nuxi, 's-Hertogenbosch, the Netherlands
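
The pattern discussed in this message, as a userland sketch: the caller-supplied element count is checked against an upper bound first, and the array is then obtained through an allocator that returns NULL if the size multiplication would wrap. This is an added example, not the committed code; `MAX_IOV`, `struct iov_entry`, `checked_array_alloc` and `alloc_iov_array` are hypothetical names, and `calloc` stands in for the kernel allocator.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_IOV 1024            /* assumed stand-in for the kernel's UIO_MAXIOV */

struct iov_entry {              /* hypothetical element type */
    void  *base;
    size_t len;
};

/* Overflow-checked array allocation: NULL if nmemb * size would wrap. */
static void *checked_array_alloc(size_t nmemb, size_t size)
{
    if (size != 0 && nmemb > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    return calloc(nmemb, size);
}

/*
 * Bound the count first, then allocate. Returns 0 and sets *out on success,
 * EINVAL for an out-of-range count (zero is rejected in this sketch),
 * ENOMEM if the allocator returns NULL.
 */
static int alloc_iov_array(size_t count, struct iov_entry **out)
{
    *out = NULL;
    if (count == 0 || count > MAX_IOV)
        return EINVAL;
    struct iov_entry *v = checked_array_alloc(count, sizeof(*v));
    if (v == NULL)
        return ENOMEM;          /* handled here instead of dereferenced later */
    *out = v;
    return 0;
}

int main(void)
{
    struct iov_entry *v;
    size_t counts[] = { 4, MAX_IOV, MAX_IOV + 1, SIZE_MAX };  /* constructed inputs */
    for (size_t i = 0; i < sizeof(counts) / sizeof(counts[0]); i++) {
        int rc = alloc_iov_array(counts[i], &v);
        printf("count=%zu -> rc=%d\n", counts[i], rc);
        free(v);
    }
    return 0;
}
```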