path: root/sys/netsmb
diff options
authorChristian S.J. Peron <csjp@FreeBSD.org>2011-01-08 23:06:54 +0000
committerChristian S.J. Peron <csjp@FreeBSD.org>2011-01-08 23:06:54 +0000
commita67b22d67f22790238a6b077c356f936053e7b7d (patch)
treeda82577cb834eded3f6fc598c03b6ff8e0e5a1e5 /sys/netsmb
parente0b71bf2a4db53ca7535370c824dfad1f6f4129e (diff)
Change some variables from int to size_t. This is more accurate since
these variables represent sizes in one capacity or another. There is no reason to allow negative numbers. Change userspace shared structure elements that get used for the modified functions from int to uint32_t, since it's not clear what userspace programs use these fields, and we do not want to break binary compatibility. This fixes a panic when corrupt or bogus data is passed into the kernel. Obtained from: NetBSD MFC after: 3 weeks
Notes: svn path=/head/; revision=217174
Diffstat (limited to 'sys/netsmb')
3 files changed, 16 insertions, 14 deletions
diff --git a/sys/netsmb/smb_dev.h b/sys/netsmb/smb_dev.h
index 8eb41f30303c..67149e1b6cec 100644
--- a/sys/netsmb/smb_dev.h
+++ b/sys/netsmb/smb_dev.h
@@ -58,9 +58,9 @@
struct smbioc_ossn {
int ioc_opt;
- int ioc_svlen; /* size of ioc_server address */
+ uint32_t ioc_svlen; /* size of ioc_server address */
struct sockaddr*ioc_server;
- int ioc_lolen; /* size of ioc_local address */
+ uint32_t ioc_lolen; /* size of ioc_local address */
struct sockaddr*ioc_local;
char ioc_srvname[SMB_MAXSRVNAMELEN + 1];
int ioc_timeout;
diff --git a/sys/netsmb/smb_subr.c b/sys/netsmb/smb_subr.c
index 39d3b49e09a4..ade9e17dcb7b 100644
--- a/sys/netsmb/smb_subr.c
+++ b/sys/netsmb/smb_subr.c
@@ -93,7 +93,7 @@ char *
smb_strdup(const char *s)
char *p;
- int len;
+ size_t len;
len = s ? strlen(s) + 1 : 1;
p = malloc(len, M_SMBSTR, M_WAITOK);
@@ -108,11 +108,13 @@ smb_strdup(const char *s)
* duplicate string from a user space.
char *
-smb_strdupin(char *s, int maxlen)
+smb_strdupin(char *s, size_t maxlen)
char *p, bt;
- int error, len = 0;
+ int error;
+ size_t len;
+ len = 0;
for (p = s; ;p++) {
if (copyin(p, &bt, 1))
return NULL;
@@ -135,7 +137,7 @@ smb_strdupin(char *s, int maxlen)
* duplicate memory block from a user space.
void *
-smb_memdupin(void *umem, int len)
+smb_memdupin(void *umem, size_t len)
char *p;
@@ -178,7 +180,7 @@ smb_memfree(void *s)
void *
-smb_zmalloc(unsigned long size, struct malloc_type *type, int flags)
+smb_zmalloc(size_t size, struct malloc_type *type, int flags)
return malloc(size, type, flags | M_ZERO);
@@ -197,12 +199,12 @@ smb_strtouni(u_int16_t *dst, const char *src)
m_dumpm(struct mbuf *m) {
char *p;
- int len;
+ size_t len;
while(m) {
p=mtod(m,char *);
- printf("(%d)",len);
+ printf("(%zu)",len);
printf("%02x ",((int)*(p++)) & 0xff);
@@ -337,7 +339,7 @@ smb_copy_iconv(struct mbchain *mbp, c_caddr_t src, caddr_t dst,
smb_put_dmem(struct mbchain *mbp, struct smb_vc *vcp, const char *src,
- int size, int caseopt)
+ size_t size, int caseopt)
struct iconv_drv *dp = vcp->vc_toserver;
diff --git a/sys/netsmb/smb_subr.h b/sys/netsmb/smb_subr.h
index 12730ccaee06..76d4c0696d84 100644
--- a/sys/netsmb/smb_subr.h
+++ b/sys/netsmb/smb_subr.h
@@ -101,19 +101,19 @@ void smb_makescred(struct smb_cred *scred, struct thread *td, struct ucred *cred
int smb_td_intr(struct thread *);
char *smb_strdup(const char *s);
void *smb_memdup(const void *umem, int len);
-char *smb_strdupin(char *s, int maxlen);
-void *smb_memdupin(void *umem, int len);
+char *smb_strdupin(char *s, size_t maxlen);
+void *smb_memdupin(void *umem, size_t len);
void smb_strtouni(u_int16_t *dst, const char *src);
void smb_strfree(char *s);
void smb_memfree(void *s);
-void *smb_zmalloc(unsigned long size, struct malloc_type *type, int flags);
+void *smb_zmalloc(size_t size, struct malloc_type *type, int flags);
int smb_calcmackey(struct smb_vc *vcp);
int smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN);
int smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN);
int smb_maperror(int eclass, int eno);
int smb_put_dmem(struct mbchain *mbp, struct smb_vc *vcp,
- const char *src, int len, int caseopt);
+ const char *src, size_t len, int caseopt);
int smb_put_dstring(struct mbchain *mbp, struct smb_vc *vcp,
const char *src, int caseopt);
int smb_put_string(struct smb_rq *rqp, const char *src);