Date:      Wed, 11 Sep 2002 18:59:54 +0800
From:      Grahame Bowland <grahame@ucs.uwa.edu.au>
To:        freebsd-hackers@freebsd.org
Subject:   Checking syscall arguments
Message-ID:  <200209111859.54919.grahame@ucs.uwa.edu.au>


Hi all,

When implementing a syscall for FreeBSD, how do you ensure that the arguments
you have been passed are sane? I'm interested in the following syscall:
  int setattr(char *file, struct stat *st, unsigned bitmap);

As far as I can see from reading similar functions, such as fhstatfs, the
correct way to do it is:

{
  struct stat st;
  error = copyin(SCARG(uap, st), &st, sizeof(struct stat));
  if (error) { return error; }
}

Does the above code ensure that I'm safe, and I can 'trust' that there is a
struct stat 'st' that I can access normally in the code? Obviously I can't
trust the values contained in it, however can I be assured that I'm not going
to overrun or anything nasty by doing the above?

Cheers,
Grahame
-- 
Grahame Bowland                       Email: grahame@ucs.uwa.edu.au
University Communications Services    Phone: +61 8 9380 1175
The University of Western Australia     Fax: +61 8 9380 1109
                                     CRICOS: 00126G







Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200209111859.54919.grahame>