From 6d2e2df764199f0a15fd743e79599391959cc17d Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Fri, 23 Nov 2018 22:24:59 +0000
Subject: Ensure that directory entry padding bytes are zeroed.

Directory entries must be padded to maintain alignment; in many filesystems the padding was not initialized, resulting in stack memory being copied out to userspace. With the ino64 work there are also some explicit pad fields in struct dirent. Add a subroutine to clear these bytes and use it in the in-tree filesystems. The NFS client is omitted for now as it was fixed separately in r340787.

Reported by: Thomas Barabosch, Fraunhofer FKIE
Reviewed by: kib
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
---
 sys/fs/udf/udf_vnops.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'sys/fs/udf')
diff --git a/sys/fs/udf/udf_vnops.c b/sys/fs/udf/udf_vnops.c
index 30558cf86931..b1b004f95166 100644
--- a/sys/fs/udf/udf_vnops.c
+++ b/sys/fs/udf/udf_vnops.c
@@ -843,10 +843,10 @@ udf_readdir(struct vop_readdir_args *a)
 dir.d_fileno = node->hash_id;
 dir.d_type = DT_DIR;
 dir.d_name[0] = '.';
- dir.d_name[1] = '\0';
 dir.d_namlen = 1;
 dir.d_reclen = GENERIC_DIRSIZ(&dir);
 dir.d_off = 1;
+ dirent_terminate(&dir);
 uiodir.dirent = &dir;
 error = udf_uiodir(&uiodir, dir.d_reclen, uio, 1);
 if (error)
@@ -856,10 +856,10 @@ udf_readdir(struct vop_readdir_args *a)
 dir.d_type = DT_DIR;
 dir.d_name[0] = '.';
 dir.d_name[1] = '.';
- dir.d_name[2] = '\0';
 dir.d_namlen = 2;
 dir.d_reclen = GENERIC_DIRSIZ(&dir);
 dir.d_off = 2;
+ dirent_terminate(&dir);
 uiodir.dirent = &dir;
 error = udf_uiodir(&uiodir, dir.d_reclen, uio, 2);
 } else {
@@ -870,6 +870,7 @@ udf_readdir(struct vop_readdir_args *a)
 DT_DIR : DT_UNKNOWN;
 dir.d_reclen = GENERIC_DIRSIZ(&dir);
 dir.d_off = ds->this_off;
+ dirent_terminate(&dir);
 uiodir.dirent = &dir;
 error = udf_uiodir(&uiodir, dir.d_reclen, uio, ds->this_off);
--
cgit v1.2.3
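Review bot: The new `dirent_terminate(&dir);` call in the "." entry (and likewise in the ".." and general-entry hunks) depends on `d_namlen` and `d_reclen` already being set, but nothing at the call site records that ordering. The commit removes the explicit `dir.d_name[1] = '\0';` store, so both the NUL terminator and the padding now come from the helper. Its definition is not in this diff, but going by the commit message it clears from the end of the name to the end of the record. A comment above the call, e.g. `/* Must follow d_namlen/d_reclen: zeroes the terminator and all padding copied out by udf_uiodir(). */`, would keep a later reordering from silently reintroducing the stack disclosure. udf_readdir begins and ends outside the hunk.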
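Review bot: In the general-entry branch, `dirent_terminate(&dir);` runs with a `d_namlen` assigned above the hunk, so its bound cannot be checked from the visible lines. If that length is derived from the on-disk file identifier, it should be confirmed to stay below `sizeof(dir.d_name)`, since the helper presumably starts writing at `d_name + d_namlen` and sizes the write from `d_reclen`. Stating the invariant just before the call, e.g. `KASSERT(dir.d_namlen < sizeof(dir.d_name), ("udf_readdir: d_namlen out of range"));`, would document it. This unlike the two fixed-length entries, where the length is a literal 1 or 2.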