data structure pointers as __unbounded.
* sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise.
* sysdeps/generic/bp-semctl.h: New file.
* sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure
pointers as __unbounded. Check bounds of syscall args.
* sysdeps/unix/sysv/linux/msgrcv.c: Likewise.
* sysdeps/unix/sysv/linux/msgsnd.c: Likewise.
* sysdeps/unix/sysv/linux/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/semop.c: Likewise.
* sysdeps/unix/sysv/linux/shmat.c: Likewise.
* sysdeps/unix/sysv/linux/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/shmdt.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise.
2000-07-26 Greg McGary <greg@mcgary.org>
* sysdeps/gnu/bits/msq.h: Qualify kernel's
data structure pointers as __unbounded.
* sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise.
* sysdeps/generic/bp-semctl.h: New file.
* sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure
pointers as __unbounded. Check bounds of syscall args.
* sysdeps/unix/sysv/linux/msgrcv.c: Likewise.
* sysdeps/unix/sysv/linux/msgsnd.c: Likewise.
* sysdeps/unix/sysv/linux/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/semop.c: Likewise.
* sysdeps/unix/sysv/linux/shmat.c: Likewise.
* sysdeps/unix/sysv/linux/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/shmdt.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise.
+2000-07-26 Greg McGary <greg@mcgary.org>
+
+ * sysdeps/gnu/bits/msq.h: Qualify kernel's
+ data structure pointers as __unbounded.
+ * sysdeps/unix/sysv/linux/mips/bits/shm.h: Likewise.
+ * sysdeps/generic/bp-semctl.h: New file.
+ * sysdeps/unix/sysv/linux/msgctl.c: Qualify kernel's data structure
+ pointers as __unbounded. Check bounds of syscall args.
+ * sysdeps/unix/sysv/linux/msgrcv.c: Likewise.
+ * sysdeps/unix/sysv/linux/msgsnd.c: Likewise.
+ * sysdeps/unix/sysv/linux/semctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/semop.c: Likewise.
+ * sysdeps/unix/sysv/linux/shmat.c: Likewise.
+ * sysdeps/unix/sysv/linux/shmctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/shmdt.c: Likewise.
+ * sysdeps/unix/sysv/linux/alpha/msgctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/alpha/semctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/alpha/shmctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/i386/msgctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/i386/semctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/i386/shmctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/sparc/sparc64/msgctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/sparc/sparc64/semctl.c: Likewise.
+ * sysdeps/unix/sysv/linux/sparc/sparc64/shmctl.c: Likewise.
+
2000-07-26 Ulrich Drepper <drepper@redhat.com>
* libio/iofwide.c: Enable transliteration for conversion from wchar_t
--- /dev/null
+/* Bounded-pointer checking macros for C.
+ Copyright (C) 2000 Free Software Foundation, Inc.
+ Contributed by Greg McGary <greg@mcgary.org>
+
+ This file is part of the GNU C Library. Its master source is NOT part of
+ the C library, however. The master source lives in the GNU MP Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the GNU C Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA. */
+
+#ifndef _bp_semctl_h_
+#define _bp_semctl_h_ 1
+
+#if __BOUNDED_POINTERS__
+
+# define CHECK_SEMCTL(ARGP, SEMID, CMD) check_semctl (ARGP, SEMID, CMD)
+
+union semun *__unbounded
+check_semctl (union semun *arg, int semid, int cmd)
+{
+ int ipc64 = (cmd & __IPC_64);
+
+ switch (cmd & ~__IPC_64)
+ {
+ case IPC_STAT:
+ case IPC_SET:
+ (void) CHECK_1 (arg->buf);
+ break;
+
+ case GETALL:
+ case SETALL:
+ {
+ struct semid_ds ds;
+ union semun un = { buf: &ds; };
+ unsigned int length = ~0;
+
+ /* It's unfortunate that we need to make a recursive
+ system call to get the size of the semaphore set... */
+ if (semctl (semid, semnum, IPC_STAT | ipc64, un) == 0)
+ length = ds.sem_nsems;
+ (void) CHECK_N (arg->array, length);
+ break;
+ }
+
+ case IPC_INFO:
+ (void) CHECK_1 (arg->__buf);
+ break;
+ }
+
+ return __ptrvalue (arg);
+}
+
+#else
+# define CHECK_SEMCTL(ARGP, SEMID, CMD) (ARGP)
+#endif
+
+#endif /* _bp_semctl_h_ */
struct msqid_ds
{
struct ipc_perm msg_perm; /* structure describing operation permission */
- struct msg *__msg_first; /* pointer to first message on queue */
- struct msg *__msg_last; /* pointer to last message on queue */
+ struct msg *__unbounded __msg_first; /* pointer to first message on queue */
+ struct msg *__unbounded __msg_last; /* pointer to last message on queue */
__time_t msg_stime; /* time of last msgsnd command */
__time_t msg_rtime; /* time of last msgrcv command */
__time_t msg_ctime; /* time of last change */
- struct wait_queue *__wwait; /* ??? */
- struct wait_queue *__rwait; /* ??? */
+ struct wait_queue *__unbounded __wwait; /* ??? */
+ struct wait_queue *__unbounded __rwait; /* ??? */
unsigned short int __msg_cbytes;/* current number of bytes on queue */
msgqnum_t msg_qnum; /* number of messages currently on queue */
msglen_t msg_qbytes; /* max number of bytes allowed on queue */
#include <sysdep.h>
#include <string.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
#include "kernel-features.h"
struct __old_msqid_ds
{
struct __old_ipc_perm msg_perm; /* structure describing operation permission */
- struct msg *__msg_first; /* pointer to first message on queue */
- struct msg *__msg_last; /* pointer to last message on queue */
+ struct msg *__unbounded __msg_first; /* pointer to first message on queue */
+ struct msg *__unbounded __msg_last; /* pointer to last message on queue */
__time_t msg_stime; /* time of last msgsnd command */
__time_t msg_rtime; /* time of last msgrcv command */
__time_t msg_ctime; /* time of last change */
- struct wait_queue *__wwait; /* ??? */
- struct wait_queue *__rwait; /* ??? */
+ struct wait_queue *__unbounded __wwait; /* ??? */
+ struct wait_queue *__unbounded __rwait; /* ??? */
unsigned short int __msg_cbytes; /* current number of bytes on queue */
unsigned short int msg_qnum; /* number of messages currently on queue */
unsigned short int msg_qbytes; /* max number of bytes allowed on queue */
of time. However, msg_qnum and msg_qbytes changed size at
the same time the size of uid changed elsewhere. */
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, buf);
+ return INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, CHECK_1 (buf));
#else
switch (cmd) {
case MSG_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (msgctl, 3, msqid, cmd, buf);
+ return INLINE_SYSCALL (msgctl, 3, msqid, cmd, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new msgctl. */
- result = INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, buf);
+ result = INLINE_SYSCALL (msgctl, 3, msqid, cmd | __IPC_64, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (msgctl, 3, msqid, cmd, &old);
+ result = INLINE_SYSCALL (msgctl, 3, msqid, cmd, __ptrvalue (&old));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <shlib-compat.h>
versioned_symbol (libc, __new_msgctl, msgctl, GLIBC_2_2);
-
struct seminfo *__buf; /* buffer for IPC_INFO */
};
+#include <bp-checks.h>
+#include <bp-semctl.h> /* definition of CHECK_SEMCTL needs union semum */
+
extern int __syscall_semctl (int, int, int, void *);
/* Return identifier for array of NSEMS semaphores associated with
va_end (ap);
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64, &arg);
+ return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
#else
switch (cmd) {
case SEM_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (semctl, 4, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new semctl. */
- result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64, &arg);
+ result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd, &arg);
+ result = INLINE_SYSCALL (semctl, 4, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <string.h>
#include <sys/syscall.h>
#include <bits/wordsize.h>
+#include <bp-checks.h>
#include "kernel-features.h"
__ipc_pid_t shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
struct __old_shminfo
__new_shmctl (int shmid, int cmd, struct shmid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, buf);
+ return INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, CHECK_1 (buf));
#else
switch (cmd) {
case SHM_STAT:
case IPC_INFO:
break;
default:
- return INLINE_SYSCALL (shmctl, 3, shmid, cmd, buf);
+ return INLINE_SYSCALL (shmctl, 3, shmid, cmd, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new shmctl. */
- result = INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, buf);
+ result = INLINE_SYSCALL (shmctl, 3, shmid, cmd | __IPC_64, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (shmctl, 3, shmid, cmd, &old);
+ result = INLINE_SYSCALL (shmctl, 3, shmid, cmd, __ptrvalue (&old));
if (result != -1 && (cmd == SHM_STAT || cmd == IPC_STAT))
{
memset(buf, 0, sizeof(*buf));
#include <sysdep.h>
#include <string.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
#include "kernel-features.h"
#include <shlib-compat.h>
struct __old_msqid_ds
{
struct __old_ipc_perm msg_perm; /* structure describing operation permission */
- struct msg *__msg_first; /* pointer to first message on queue */
- struct msg *__msg_last; /* pointer to last message on queue */
+ struct msg *__unbounded __msg_first; /* pointer to first message on queue */
+ struct msg *__unbounded __msg_last; /* pointer to last message on queue */
__time_t msg_stime; /* time of last msgsnd command */
__time_t msg_rtime; /* time of last msgrcv command */
__time_t msg_ctime; /* time of last change */
- struct wait_queue *__wwait; /* ??? */
- struct wait_queue *__rwait; /* ??? */
+ struct wait_queue *__unbounded __wwait; /* ??? */
+ struct wait_queue *__unbounded __rwait; /* ??? */
unsigned short int __msg_cbytes; /* current number of bytes on queue */
unsigned short int msg_qnum; /* number of messages currently on queue */
unsigned short int msg_qbytes; /* max number of bytes allowed on queue */
int
__old_msgctl (int msqid, int cmd, struct __old_msqid_ds *buf)
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd, 0, CHECK_1 (buf));
}
compat_symbol (libc, __old_msgctl, msgctl, GLIBC_2_0);
#endif
__new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
#else
switch (cmd) {
case MSG_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd, 0, CHECK_1 (buf));
}
{
}
if (__libc_missing_32bit_uids <= 0)
{
- result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
return result;
}
}
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, &old);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd, 0, __ptrvalue (&old));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
struct seminfo *__buf; /* buffer for IPC_INFO */
};
+#include <bp-checks.h>
+#include <bp-semctl.h> /* definition of CHECK_SEMCTL needs union semum */
+
#ifdef __NR_getuid32
# if __ASSUME_32BITUIDS == 0
/* This variable is shared with all files that need to check for 32bit
va_end (ap);
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
compat_symbol (libc, __old_semctl, semctl, GLIBC_2_0);
#endif
va_end (ap);
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
#else
switch (cmd) {
case SEM_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
{
}
if (__libc_missing_32bit_uids <= 0)
{
- result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64, &arg);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
return result;
}
}
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <string.h>
#include <sys/syscall.h>
#include <bits/wordsize.h>
+#include <bp-checks.h>
#include "kernel-features.h"
#include <shlib-compat.h>
__ipc_pid_t shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
struct __old_shminfo
int
__old_shmctl (int shmid, int cmd, struct __old_shmid_ds *buf)
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl,
+ shmid, cmd, 0, CHECK_1 (buf));
}
compat_symbol (libc, __old_shmctl, shmctl, GLIBC_2_0);
#endif
__new_shmctl (int shmid, int cmd, struct shmid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl,
+ shmid, cmd | __IPC_64, 0, CHECK_1 (buf));
#else
switch (cmd) {
case SHM_STAT:
# endif
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl,
+ shmid, cmd, 0, CHECK_1 (buf));
}
{
__set_errno(save_errno);
}
if (__libc_missing_32bit_uids <= 0)
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64,
- 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl,
+ shmid, cmd | __IPC_64, 0, CHECK_1 (buf));
}
# endif
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, &old);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl,
+ shmid, cmd, 0, __ptrvalue (&old));
if (result != -1 && (cmd == SHM_STAT || cmd == IPC_STAT))
{
memset(buf, 0, sizeof(*buf));
-/* Copyright (C) 1995, 1996, 1997 Free Software Foundation, Inc.
+/* Copyright (C) 1995, 1996, 1997, 2000 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
long int shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
#ifdef __USE_MISC
#include <string.h>
#include <sys/syscall.h>
#include <shlib-compat.h>
+#include <bp-checks.h>
#include "kernel-features.h"
struct __old_msqid_ds
{
struct __old_ipc_perm msg_perm; /* structure describing operation permission */
- struct msg *__msg_first; /* pointer to first message on queue */
- struct msg *__msg_last; /* pointer to last message on queue */
+ struct msg *__unbounded __msg_first; /* pointer to first message on queue */
+ struct msg *__unbounded __msg_last; /* pointer to last message on queue */
__time_t msg_stime; /* time of last msgsnd command */
__time_t msg_rtime; /* time of last msgrcv command */
__time_t msg_ctime; /* time of last change */
- struct wait_queue *__wwait; /* ??? */
- struct wait_queue *__rwait; /* ??? */
+ struct wait_queue *__unbounded __wwait; /* ??? */
+ struct wait_queue *__unbounded __rwait; /* ??? */
unsigned short int __msg_cbytes; /* current number of bytes on queue */
unsigned short int msg_qnum; /* number of messages currently on queue */
unsigned short int msg_qbytes; /* max number of bytes allowed on queue */
int
__old_msgctl (int msqid, int cmd, struct __old_msqid_ds *buf)
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, CHECK_1 (buf));
}
compat_symbol (libc, __old_msgctl, msgctl, GLIBC_2_0);
#endif
__new_msgctl (int msqid, int cmd, struct msqid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
#else
switch (cmd) {
case MSG_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd, 0, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new msgctl. */
- result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd | __IPC_64, 0, buf);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd | __IPC_64, 0, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, &old);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_msgctl,
+ msqid, cmd, 0, __ptrvalue (&old));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
/* Kludge to work around Linux' restriction of only up to five
arguments to a system call. */
struct ipc_kludge
{
- void *msgp;
+ void *__unbounded msgp;
long int msgtyp;
};
fives parameters to a system call. */
struct ipc_kludge tmp;
- tmp.msgp = msgp;
+ tmp.msgp = CHECK_N (msgp, msgsz);
tmp.msgtyp = msgtyp;
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgrcv, msqid, msgsz, msgflg, &tmp);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgrcv, msqid, msgsz, msgflg, __ptrvalue (&tmp));
}
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
+
int
msgsnd (msqid, msgp, msgsz, msgflg)
int msqid;
size_t msgsz;
int msgflg;
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgsnd, msqid, msgsz, msgflg, (void *)msgp);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgsnd, msqid, msgsz,
+ msgflg, CHECK_N (msgp, msgsz));
}
struct __old_ipc_perm sem_perm; /* operation permission struct */
__time_t sem_otime; /* last semop() time */
__time_t sem_ctime; /* last time changed by semctl() */
- struct sem *__sembase; /* ptr to first semaphore in array */
- struct sem_queue *__sem_pending; /* pending operations */
- struct sem_queue *__sem_pending_last; /* last pending operation */
- struct sem_undo *__undo; /* ondo requests on this array */
+ struct sem *__unbounded __sembase; /* ptr to first semaphore in array */
+ struct sem_queue *__unbounded __sem_pending; /* pending operations */
+ struct sem_queue *__unbounded __sem_pending_last; /* last pending operation */
+ struct sem_undo *__unbounded __undo; /* ondo requests on this array */
unsigned short int sem_nsems; /* number of semaphores in set */
};
struct seminfo *__buf; /* buffer for IPC_INFO */
};
+#include <bp-checks.h>
+#include <bp-semctl.h> /* definition of CHECK_SEMCTL needs union semum */
/* Return identifier for array of NSEMS semaphores associated with
KEY. */
va_end (ap);
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
compat_symbol (libc, __old_semctl, semctl, GLIBC_2_0);
#endif
va_end (ap);
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
#else
- switch (cmd) {
+ switch (cmd)
+ {
case SEM_STAT:
case IPC_STAT:
case IPC_SET:
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
- }
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
+ }
{
int save_errno = errno, result;
/* Unfortunately there is no way how to find out for sure whether
we should use old or new semctl. */
- result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64, &arg);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd | __IPC_64,
+ CHECK_SEMCTL (&arg, semid, cmd | __IPC_64));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
if (result != -1 && cmd != IPC_SET)
{
memset(buf, 0, sizeof(*buf));
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
/* Perform user-defined atomical operation of array of semaphores. */
struct sembuf *sops;
size_t nsops;
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_semop, semid, (int) nsops, 0, sops);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semop,
+ semid, (int) nsops, 0, CHECK_N (sops, nsops));
}
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
/* Attach the shared memory segment associated with SHMID to the data
segment of the calling process. SHMADDR and SHMFLG determine how
const void *shmaddr;
int shmflg;
{
- long int retval;
- unsigned long raddr;
-
- retval = INLINE_SYSCALL (ipc, 5, IPCOP_shmat, shmid, shmflg,
- (long int) &raddr, (void *) shmaddr);
- return ((unsigned long int) retval > -(unsigned long int) SHMLBA
- ? (void *) retval : (void *) raddr);
+ void *__unbounded result;
+ void *__unbounded raddr;
+
+#if __BOUNDED_POINTERS__
+ size_t length = ~0;
+ struct shmid_ds shmds;
+ /* It's unfortunate that we need to make another system call to get
+ the shared memory segment length... */
+ if (shmctl (shmid, ICP_STAT, &shmds) == 0)
+ length = shmds.shm_segsz;
+#endif
+
+ result = (void *__unbounded) INLINE_SYSCALL (ipc, 5, IPCOP_shmat, shmid, shmflg,
+ __ptrvalue (&raddr),
+ __ptrvalue (shmaddr));
+ if ((unsigned long) result <= -(unsigned long) SHMLBA)
+ result = raddr;
+
+ return BOUNDED_N (result, length);
}
#include <sys/syscall.h>
#include <bits/wordsize.h>
#include <shlib-compat.h>
+#include <bp-checks.h>
#include "kernel-features.h"
__ipc_pid_t shm_lpid; /* pid of last shmop */
unsigned short int shm_nattch; /* number of current attaches */
unsigned short int __shm_npages; /* size of segment (pages) */
- unsigned long int *__shm_pages; /* array of ptrs to frames -> SHMMAX */
- struct vm_area_struct *__attaches; /* descriptors for attaches */
+ unsigned long int *__unbounded __shm_pages; /* array of ptrs to frames -> SHMMAX */
+ struct vm_area_struct *__unbounded __attaches; /* descriptors for attaches */
};
struct __old_shminfo
int
__old_shmctl (int shmid, int cmd, struct __old_shmid_ds *buf)
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid,
+ cmd, 0, CHECK_1opt (buf));
}
compat_symbol (libc, __old_shmctl, shmctl, GLIBC_2_0);
#endif
__new_shmctl (int shmid, int cmd, struct shmid_ds *buf)
{
#if __ASSUME_32BITUIDS > 0
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64, 0, CHECK_1 (buf));
#else
switch (cmd) {
case SHM_STAT:
#endif
break;
default:
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, CHECK_1 (buf));
}
{
/* Unfortunately there is no way how to find out for sure whether
we should use old or new shmctl. */
- result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64, 0, buf);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd | __IPC_64, 0, CHECK_1 (buf));
if (result != -1 || errno != EINVAL)
return result;
return -1;
}
}
- result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, &old);
+ result = INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, __ptrvalue (&old));
if (result != -1 && (cmd == SHM_STAT || cmd == IPC_STAT))
{
memset(buf, 0, sizeof(*buf));
shmdt (shmaddr)
const void *shmaddr;
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmdt, 0, 0, 0, (void *) shmaddr);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmdt, 0, 0, 0, __ptrvalue ((void *) shmaddr));
}
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
/* Allows to control internal state and destruction of message queue
objects. */
int cmd;
struct msqid_ds *buf;
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_msgctl, msqid, cmd, 0, CHECK_1 (buf));
}
struct seminfo *__buf; /* buffer for IPC_INFO */
};
+#include <bp-checks.h>
+#include <bp-semctl.h> /* definition of CHECK_SEMCTL needs union semum */
/* Return identifier for array of NSEMS semaphores associated with
KEY. */
va_end (ap);
- return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd, &arg);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_semctl, semid, semnum, cmd,
+ CHECK_SEMCTL (&arg, semid, cmd));
}
#include <sysdep.h>
#include <sys/syscall.h>
+#include <bp-checks.h>
/* Provide operations to control over shared memory segments. */
int cmd;
struct shmid_ds *buf;
{
- return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, buf);
+ return INLINE_SYSCALL (ipc, 5, IPCOP_shmctl, shmid, cmd, 0, CHECK_1 (buf));
}
projects / platform / upstream / glibc.git / commitdiff