From owner-svn-src-stable-9@FreeBSD.ORG Thu Mar 21 16:18:10 2013 Return-Path: Delivered-To: svn-src-stable-9@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 5731A756; Thu, 21 Mar 2013 16:18:10 +0000 (UTC) (envelope-from tijl@coosemans.org) Received: from mailrelay020.isp.belgacom.be (Mailrelay020.isp.belgacom.be [195.238.6.95]) by mx1.freebsd.org (Postfix) with ESMTP id 4CF41772; Thu, 21 Mar 2013 16:18:08 +0000 (UTC) X-Belgacom-Dynamic: yes X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgIFAMYwS1Fbs6OL/2dsb2JhbABDiCG9F4FZF3SCJAEBBSMzIgEQCxQEAgIFFgsCAgkDAgECASceBg0BBwEBiBQIsDaSQYEjjDiBNgeCLYETA5gDj2ODCzuBLg Received: from 139.163-179-91.adsl-dyn.isp.belgacom.be (HELO kalimero.tijl.coosemans.org) ([91.179.163.139]) by relay.skynet.be with ESMTP; 21 Mar 2013 17:16:58 +0100 Received: from kalimero.tijl.coosemans.org (kalimero.tijl.coosemans.org [127.0.0.1]) by kalimero.tijl.coosemans.org (8.14.6/8.14.6) with ESMTP id r2LGGvaR014337; Thu, 21 Mar 2013 17:16:57 +0100 (CET) (envelope-from tijl@coosemans.org) Message-ID: <514B3279.7010404@coosemans.org> Date: Thu, 21 Mar 2013 17:16:57 +0100 From: Tijl Coosemans User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:17.0) Gecko/20130315 Thunderbird/17.0.4 MIME-Version: 1.0 To: Tijl Coosemans Subject: Re: svn commit: r248587 - stable/9/sys/kern References: <201303211615.r2LGFZOj038244@svn.freebsd.org> In-Reply-To: <201303211615.r2LGFZOj038244@svn.freebsd.org> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-9@freebsd.org X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Mar 2013 16:18:10 -0000 On 2013-03-21 17:15, Tijl Coosemans wrote: > Author: tijl > Date: Thu Mar 21 16:15:34 2013 > New Revision: 248587 > URL: http://svnweb.freebsd.org/changeset/base/248587 > > Log: > - Fix two possible overflows when testing if ELF program headers are on > the first page: > 1. Cast uint16_t operands in a multiplication to unsigned int because > otherwise the implicit promotion to int results in a signed > multiplication that can overflow and the behaviour on integer > overflow is undefined. > 2. Replace (offset + size > PAGE_SIZE) with (size > PAGE_SIZE - offset) > because the sum may overflow. > - Use the same tests to see if the path to the interpreter is on the first > page. There's no overflow here because size is already limited by > MAXPATHLEN, but the compiler optimises the new tests better. Also fix an > off-by-one error. > - Simplify tests to see if an ELF note program header is on the first page. > This also fixes an off-by-one error. > > Reviewed by: kib Forgot to mention: MFC r248256