Date: Sat, 26 Mar 2005 16:35:30 -0800 From: Sam Leffler <sam@errno.com> To: src-committers@FreeBSD.org Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/dev/twa twa.c Message-ID: <4245FFD2.8030405@errno.com> In-Reply-To: <200503270029.j2R0TbO4093525@repoman.freebsd.org> References: <200503270029.j2R0TbO4093525@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sam Leffler wrote: > sam 2005-03-27 00:29:37 UTC > > FreeBSD src repository > > Modified files: > sys/dev/twa twa.c > Log: > check copyin+copyout return values when processing TWA_IOCTL_GET_LOCK > > Noticed by: Coverity Prevent analysis tool Note that several places in this routine copyin failures are ignored and user supplied data appears to be used w/o validation. I'm not sure if these ioctls are accessible only to root but someone should cleanup this stuff. Sam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4245FFD2.8030405>