diff -rup hurd.orig/libnetfs/ChangeLog hurd/libnetfs/ChangeLog --- hurd.orig/libnetfs/ChangeLog Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/ChangeLog Wed Aug 1 01:21:34 2001 @@ -1,3 +1,21 @@ +2001-08-01 Igor Khavkine + + * dir-lookup.c: Added checks for validity of malloc'ed memory. + * file-get-translator.c: Same as above. + * make-peropen.c: Same as above. + + * make-protid.c (netfs_make_protid): Set `errno' to the + appropriate value and return NULL if the first argument + is NULL. + * dir-lookup.c: make sure NULL return from `netfs_make_protid' is + properly handled. + * dir-mkfile.c: Same as above. + * file-exec.c: Same as above. + * fsys-getroot.c: Same as above. + * io-duplicate.c: Same as above. + * io-reauthenticate.c: Same as above. + * io-restrict-auth.c: Same as above. + 2001-06-21 Neal H Walfield * file-getcontrol.c (netfs_S_file_getcontrol): When checking if diff -rup hurd.orig/libnetfs/dir-lookup.c hurd/libnetfs/dir-lookup.c --- hurd.orig/libnetfs/dir-lookup.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/dir-lookup.c Wed Aug 1 00:55:54 2001 @@ -214,12 +214,16 @@ netfs_S_dir_lookup (struct protid *dirus ? _HURD_CHRDEV : _HURD_BLKDEV), 0, major (np->nn_stat.st_rdev), 0, minor (np->nn_stat.st_rdev)); + if (! *argz) + return ENOMEM; *argz_len = strlen (*argz) + 1; *argz_len += strlen (*argz + *argz_len) + 1; *argz_len += strlen (*argz + *argz_len) + 1; break; case S_IFIFO: asprintf (argz, "%s", _HURD_FIFO); + if (! *argz) + return ENOMEM; *argz_len = strlen (*argz) + 1; break; default: @@ -243,7 +247,7 @@ netfs_S_dir_lookup (struct protid *dirus if (! newpi) { iohelp_free_iouser (user); - error = ENOMEM; + error = errno; } } @@ -381,6 +385,11 @@ netfs_S_dir_lookup (struct protid *dirus newpi = netfs_make_protid (netfs_make_peropen (np, flags, diruser->po), user); + if (! newpi) + { + error = errno; + goto out; + } *retry_port = ports_get_right (newpi); ports_port_deref (newpi); diff -rup hurd.orig/libnetfs/dir-mkfile.c hurd/libnetfs/dir-mkfile.c --- hurd.orig/libnetfs/dir-mkfile.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/dir-mkfile.c Wed Aug 1 00:56:02 2001 @@ -44,9 +44,14 @@ netfs_S_dir_mkfile (struct protid *dirus newpi = netfs_make_protid (netfs_make_peropen (np, flags, diruser->po), user); - *newfile = ports_get_right (newpi); - *newfiletype = MACH_MSG_TYPE_MAKE_SEND; - ports_port_deref (newpi); + if (newpi) + { + *newfile = ports_get_right (newpi); + *newfiletype = MACH_MSG_TYPE_MAKE_SEND; + ports_port_deref (newpi); + } + else + err = errno; } netfs_nput (np); } diff -rup hurd.orig/libnetfs/file-exec.c hurd/libnetfs/file-exec.c --- hurd.orig/libnetfs/file-exec.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/file-exec.c Wed Aug 1 00:56:10 2001 @@ -130,16 +130,21 @@ netfs_S_file_exec (struct protid *cred, { newpi = netfs_make_protid (netfs_make_peropen (np, O_READ, cred->po), user); - right = ports_get_send_right (newpi); - err = exec_exec (_netfs_exec, - right, MACH_MSG_TYPE_COPY_SEND, - task, flags, argv, argvlen, envp, envplen, - fds, MACH_MSG_TYPE_COPY_SEND, fdslen, - portarray, MACH_MSG_TYPE_COPY_SEND, portarraylen, - intarray, intarraylen, deallocnames, deallocnameslen, - destroynames, destroynameslen); - mach_port_deallocate (mach_task_self (), right); - ports_port_deref (newpi); + if (newpi) + { + right = ports_get_send_right (newpi); + err = exec_exec (_netfs_exec, + right, MACH_MSG_TYPE_COPY_SEND, + task, flags, argv, argvlen, envp, envplen, + fds, MACH_MSG_TYPE_COPY_SEND, fdslen, + portarray, MACH_MSG_TYPE_COPY_SEND, portarraylen, + intarray, intarraylen, deallocnames, deallocnameslen, + destroynames, destroynameslen); + mach_port_deallocate (mach_task_self (), right); + ports_port_deref (newpi); + } + else + err = errno; } } diff -rup hurd.orig/libnetfs/file-get-translator.c hurd/libnetfs/file-get-translator.c --- hurd.orig/libnetfs/file-get-translator.c Wed Apr 25 13:36:49 2001 +++ hurd/libnetfs/file-get-translator.c Wed Aug 1 01:14:12 2001 @@ -75,12 +75,17 @@ netfs_S_file_get_translator (struct prot '\0', (np->nn_stat.st_rdev) & 0377); buflen++; /* terminating nul */ - if (buflen > *translen) - *trans = mmap (0, buflen, PROT_READ|PROT_WRITE, MAP_ANON, 0, 0); - memcpy (*trans, buf, buflen); - free (buf); - *translen = buflen; - err = 0; + if (! buf) + err = ENOMEM; + else + { + if (buflen > *translen) + *trans = mmap (0, buflen, PROT_READ|PROT_WRITE, MAP_ANON, 0, 0); + memcpy (*trans, buf, buflen); + free (buf); + *translen = buflen; + err = 0; + } } else if (S_ISFIFO (np->nn_stat.st_mode)) { diff -rup hurd.orig/libnetfs/fsys-getroot.c hurd/libnetfs/fsys-getroot.c --- hurd.orig/libnetfs/fsys-getroot.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/fsys-getroot.c Wed Aug 1 00:57:26 2001 @@ -130,6 +130,11 @@ netfs_S_fsys_getroot (mach_port_t cntl, newpi = netfs_make_protid (netfs_make_peropen (netfs_root_node, flags, &peropen_context), cred); + if (! newpi) + { + err = errno; + goto out; + } mach_port_deallocate (mach_task_self (), dotdot); *do_retry = FS_RETRY_NORMAL; diff -rup hurd.orig/libnetfs/io-duplicate.c hurd/libnetfs/io-duplicate.c --- hurd.orig/libnetfs/io-duplicate.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/io-duplicate.c Wed Aug 1 00:59:02 2001 @@ -36,6 +36,12 @@ netfs_S_io_duplicate (struct protid *use mutex_lock (&user->po->np->lock); newpi = netfs_make_protid (user->po, clone); + if (! newpi) + { + iohelp_free_iouser (clone); + mutex_unlock (&user->po->np->lock); + return errno; + } *newport = ports_get_right (newpi); mutex_unlock (&user->po->np->lock); *newporttp = MACH_MSG_TYPE_MAKE_SEND; diff -rup hurd.orig/libnetfs/io-reauthenticate.c hurd/libnetfs/io-reauthenticate.c --- hurd.orig/libnetfs/io-reauthenticate.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/io-reauthenticate.c Wed Aug 1 00:59:46 2001 @@ -33,6 +33,11 @@ netfs_S_io_reauthenticate (struct protid mutex_lock (&user->po->np->lock); newpi = netfs_make_protid (user->po, 0); + if (! newpi) + { + mutex_unlock (&user->po->np->lock); + return errno; + } newright = ports_get_send_right (newpi); assert (newright != MACH_PORT_NULL); diff -rup hurd.orig/libnetfs/io-restrict-auth.c hurd/libnetfs/io-restrict-auth.c --- hurd.orig/libnetfs/io-restrict-auth.c Wed Jul 25 01:50:00 2001 +++ hurd/libnetfs/io-restrict-auth.c Wed Aug 1 01:00:06 2001 @@ -107,7 +107,7 @@ netfs_S_io_restrict_auth (struct protid { mutex_unlock (&user->po->np->lock); iohelp_free_iouser (new_user); - err = ENOMEM; + err = errno; } ports_port_deref (newpi); diff -rup hurd.orig/libnetfs/make-peropen.c hurd/libnetfs/make-peropen.c --- hurd.orig/libnetfs/make-peropen.c Sun Mar 2 16:12:03 1997 +++ hurd/libnetfs/make-peropen.c Wed Aug 1 00:43:30 2001 @@ -25,6 +25,8 @@ struct peropen * netfs_make_peropen (struct node *np, int flags, struct peropen *context) { struct peropen *po = malloc (sizeof (struct peropen)); + if (! po) + return NULL; po->filepointer = 0; po->lock_status = LOCK_UN; diff -rup hurd.orig/libnetfs/make-protid.c hurd/libnetfs/make-protid.c --- hurd.orig/libnetfs/make-protid.c Mon Nov 18 18:51:10 1996 +++ hurd/libnetfs/make-protid.c Wed Aug 1 01:16:39 2001 @@ -18,12 +18,22 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA. */ +#include + #include "netfs.h" struct protid * netfs_make_protid (struct peropen *po, struct iouser *cred) { struct protid *pi; + + if (! po) + { + /* There can only be two reasons for PO to be NULL */ + if (errno != ENOMEM) + errno = EINVAL; + return NULL; + } if (cred) errno = ports_create_port (netfs_protid_class, netfs_port_bucket,