blob: cf93238e81cc5c90de8a8289b1c1804716be0d60 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
Index: sys/i386/isa/spigot.c
===================================================================
RCS file: /home/ncvs/src/sys/i386/isa/spigot.c,v
retrieving revision 1.44
diff -c -p -r1.44 spigot.c
*** sys/i386/isa/spigot.c 29 Jan 2000 16:17:36 -0000 1.44
--- sys/i386/isa/spigot.c 6 Aug 2003 21:23:07 -0000
*************** struct spigot_info *info;
*** 221,226 ****
--- 221,228 ----
if(!data) return(EINVAL);
switch(cmd){
case SPIGOT_SETINT:
+ if (*(int *)data < 0 || *(int *)data > _SIG_MAXSIG)
+ return (EINVAL);
ss->p = p;
ss->signal_num = *((int *)data);
break;
Index: sys/kern/sys_process.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/sys_process.c,v
retrieving revision 1.51.2.6
diff -c -p -r1.51.2.6 sys_process.c
*** sys/kern/sys_process.c 8 Jan 2003 03:06:45 -0000 1.51.2.6
--- sys/kern/sys_process.c 6 Aug 2003 23:16:32 -0000
*************** kern_ptrace(struct proc *curp, int req,
*** 404,410 ****
case PT_STEP:
case PT_CONTINUE:
case PT_DETACH:
! if ((req != PT_STEP) && ((unsigned)data > _SIG_MAXSIG))
return EINVAL;
PHOLD(p);
--- 404,411 ----
case PT_STEP:
case PT_CONTINUE:
case PT_DETACH:
! /* Zero means do not send any signal */
! if (data < 0 || data > _SIG_MAXSIG)
return EINVAL;
PHOLD(p);
|
