data structure pointers as __unbounded.
* sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise.
* sysdeps/generic/bp-semctl.h: New file.
* sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure
pointers as __unbounded. Check bounds of syscall args.
* sysdeps/unix/sysv/linux/msgrcv.c: Likewise.
* sysdeps/unix/sysv/linux/msgsnd.c: Likewise.
* sysdeps/unix/sysv/linux/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/semop.c: Likewise.
* sysdeps/unix/sysv/linux/shmat.c: Likewise.
* sysdeps/unix/sysv/linux/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/shmdt.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise.
#include <sysdep.h>
#include <string.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
#include "kernel-features.h"
struct __old_msqid_ds
{
struct __old_ipc_perm msg_perm; /* structure describing operation permission */
- struct msg *__msg_first; /* pointer to first message on queue */
- struct msg *__msg_last; /* pointer to last message on queue */
+ struct msg *__unbounded __msg_first; /* pointer to first message on queue */
+ struct msg *__unbounded __msg_last; /* pointer to last message on queue */
__time_t msg_stime; /* time of last msgsnd command */
__time_t msg_rtime; /* time of last msgrcv command */
__time_t msg_ctime; /* time of last change */
- struct wait_queue *__wwait; /* ??? */
- struct wait_queue *__rwait; /* ??? */
+ struct wait_queue *__unbounded __wwait; /* ??? */
+ struct wait_queue *__unbounded __rwait; /* ??? */
unsigned short int __msg_cbytes; /* current number of bytes on queue */
unsigned short int msg_qnum; /* number of messages currently on queue */
unsigned short int msg_qbytes; /* max number of bytes allowed on queue */
of time. However, msg_qnum and msg_qbytes changed size at
the same time the size of uid changed elsewhere. */
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, buf);
+ return INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, CHECK_1 (buf));
#else
switch (cmd) {
case MSG_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (msgctl, 3, msqid, cmd, buf);
+ return INLINE_SYSCALL (msgctl, 3, msqid, cmd, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new msgctl. */
- result = INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, buf);
+ result = INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (msgctl, 3, msqid, cmd, &old);
+ result = INLINE_SYSCALL (msgctl, 3, msqid, cmd, __ptrvalue (&old));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <shlib-compat.h>
versioned_symbol (libc, __new_msgctl, msgctl, GLIBC_2_2);
-
struct seminfo *__buf; /* buffer for IPC_INFO */
};
+#include <bp-checks.h>
+#include <bp-semctl.h> /* definition of CHECK_SEMCTL needs union semum */
+
extern int __syscall_semctl (int, int, int, void *);
/* Return identifier for array of NSEMS semaphores associated with
va_end (ap);
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64, &arg);
+ return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
#else
switch (cmd) {
case SEM_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new semctl. */
- result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64, &arg);
+ result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd, &arg);
+ result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <string.h>
#include <sys/syscall.h>
#include <bits/wordsize.h>
+#include <bp-checks.h>
#include "kernel-features.h"
__ipc_pid_t shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
struct __old_shminfo
__new_shmctl (int shmid, int cmd, struct shmid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, buf);
+ return INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, CHECK_1 (buf));
#else
switch (cmd) {
case SHM_STAT:
case IPC_INFO:
break;
default:
- return INLINE_SYSCALL (shmctl, 3, shmid, cmd, buf);
+ return INLINE_SYSCALL (shmctl, 3, shmid, cmd, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new shmctl. */
- result = INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, buf);
+ result = INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (shmctl, 3, shmid, cmd, &old);
+ result = INLINE_SYSCALL (shmctl, 3, shmid, cmd, __ptrvalue (&old));
if (result != -1 && (cmd == SHM_STAT || cmd == IPC_STAT))
{
memset(buf, 0, sizeof(*buf));
-/* Copyright (C) 1995, 1996, 1997 Free Software Foundation, Inc.
+/* Copyright (C) 1995, 1996, 1997, 2000 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
long int shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
#ifdef __USE_MISC
projects / platform / upstream / linaro-glibc.git / commitdiff