From owner-freebsd-current  Fri Feb 16  8:38:54 2001
Delivered-To: freebsd-current@freebsd.org
Received: from mail.imp.ch (mail.imp.ch [157.161.1.2])
	by hub.freebsd.org (Postfix) with ESMTP id 9203137B503
	for <freebsd-current@FreeBSD.ORG>; Fri, 16 Feb 2001 08:38:47 -0800 (PST)
Received: from harem.imp.ch (harem.imp.ch [157.161.4.8])
	by mail.imp.ch (8.11.1/8.11.1) with ESMTP id f1GGch005936;
	Fri, 16 Feb 2001 17:38:43 +0100 (CET)
	(envelope-from Patrick.Guelat@imp.ch)
Received: (from patg@localhost)
	by harem.imp.ch (8.11.2/8.11.2) id f1GGcgH308978;
	Fri, 16 Feb 2001 17:38:42 +0100 (MEZ)
From: Patrick Guelat <Patrick.Guelat@imp.ch>
Message-Id: <200102161638.f1GGcgH308978@harem.imp.ch>
Subject: Fix for mountpath len, 2nd edition
To: freebsd-current@FreeBSD.ORG
Date: Fri, 16 Feb 2001 17:38:42 +0100 (MEZ)
Cc: Patrick.Guelat@imp.ch
X-Mailer: ELM [version 2.5 PL2]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Here is another version of the MNAMELEN mount fix. Comments ?

	Patrick
--
Patrick Guelat, ImproWare AG Network Services, CH-4133 Pratteln
Mail: patg@imp.ch - Phone: +41 61 826 93 00 (ext: 13)
-------------------------------------------------------------------------------

*** sys/kern/vfs_syscalls.c	Fri Feb  9 07:09:52 2001
--- sys/kern/vfs_syscalls.c~	Fri Feb 16 16:31:59 2001
***************
*** 121,126 ****
--- 121,128 ----
  	struct vattr va;
  	struct nameidata nd;
  	char fstypename[MFSNAMELEN];
+ 	char mountpoint[MAXPATHLEN];
+ 	size_t mplen;
  
  	if (usermount == 0 && (error = suser(p)))
  		return (error);
***************
*** 138,147 ****
  	if (suser_xxx(p->p_ucred, 0, 0)) 
  		SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
  	/*
  	 * Get vnode to be covered
  	 */
! 	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
! 	    SCARG(uap, path), p);
  	if ((error = namei(&nd)) != 0)
  		return (error);
  	NDFREE(&nd, NDF_ONLY_PNBUF);
--- 140,157 ----
  	if (suser_xxx(p->p_ucred, 0, 0)) 
  		SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
  	/*
+ 	 * Limit pathnamelength to MNAMELEN
+ 	 */
+ 	error = copyinstr(SCARG(uap, path), mountpoint, MAXPATHLEN, &mplen);
+ 	if(!error && mplen>MNAMELEN)
+ 		error = ENAMETOOLONG;
+ 	if(error)
+ 		return (error);
+ 	/*
  	 * Get vnode to be covered
  	 */
! 	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
! 	    mountpoint, p);
  	if ((error = namei(&nd)) != 0)
  		return (error);
  	NDFREE(&nd, NDF_ONLY_PNBUF);


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message