[Midnightbsd-cvs] src: sys/kern: Correct lack of permissions checking on sendfile system
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Thu Feb 14 13:02:43 EST 2008
Log Message:
-----------
Correct lack of permissions checking on sendfile system call.
Modified Files:
--------------
src/sys/kern:
kern_descrip.c (r1.4 -> r1.5)
uipc_syscalls.c (r1.2 -> r1.3)
-------------- next part --------------
Index: kern_descrip.c
===================================================================
RCS file: /home/cvs/src/sys/kern/kern_descrip.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L sys/kern/kern_descrip.c -L sys/kern/kern_descrip.c -u -r1.4 -r1.5
--- sys/kern/kern_descrip.c
+++ sys/kern/kern_descrip.c
@@ -2031,7 +2031,7 @@
int error;
*vpp = NULL;
- if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
+ if ((error = _fget(td, fd, &fp, flags, 0)) != 0)
return (error);
if (fp->f_vnode == NULL) {
error = EINVAL;
Index: uipc_syscalls.c
===================================================================
RCS file: /home/cvs/src/sys/kern/uipc_syscalls.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L sys/kern/uipc_syscalls.c -L sys/kern/uipc_syscalls.c -u -r1.2 -r1.3
--- sys/kern/uipc_syscalls.c
+++ sys/kern/uipc_syscalls.c
@@ -1762,7 +1762,7 @@
do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
{
struct vnode *vp;
- struct vm_object *obj;
+ struct vm_object *obj = NULL;
struct socket *so = NULL;
struct mbuf *m, *m_header = NULL;
struct sf_buf *sf;
@@ -1783,7 +1783,8 @@
if ((error = fgetvp_read(td, uap->fd, &vp)) != 0)
goto done;
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
- obj = vp->v_object;
+ if (vp->v_type == VREG)
+ obj = vp->v_object;
VOP_UNLOCK(vp, 0, td);
if (obj == NULL) {
error = EINVAL;
More information about the Midnightbsd-cvs
mailing list