Here is another version of the MNAMELEN mount fix. Comments ?
Patrick
--
Patrick Guelat, ImproWare AG Network Services, CH-4133 Pratteln
Mail: [EMAIL PROTECTED] - Phone: +41 61 826 93 00 (ext: 13)
-------------------------------------------------------------------------------
*** sys/kern/vfs_syscalls.c Fri Feb 9 07:09:52 2001
--- sys/kern/vfs_syscalls.c~ Fri Feb 16 16:31:59 2001
***************
*** 121,126 ****
--- 121,128 ----
struct vattr va;
struct nameidata nd;
char fstypename[MFSNAMELEN];
+ char mountpoint[MAXPATHLEN];
+ size_t mplen;
if (usermount == 0 && (error = suser(p)))
return (error);
***************
*** 138,147 ****
if (suser_xxx(p->p_ucred, 0, 0))
SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
/*
* Get vnode to be covered
*/
! NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
! SCARG(uap, path), p);
if ((error = namei(&nd)) != 0)
return (error);
NDFREE(&nd, NDF_ONLY_PNBUF);
--- 140,157 ----
if (suser_xxx(p->p_ucred, 0, 0))
SCARG(uap, flags) |= MNT_NOSUID | MNT_NODEV;
/*
+ * Limit pathnamelength to MNAMELEN
+ */
+ error = copyinstr(SCARG(uap, path), mountpoint, MAXPATHLEN, &mplen);
+ if(!error && mplen>MNAMELEN)
+ error = ENAMETOOLONG;
+ if(error)
+ return (error);
+ /*
* Get vnode to be covered
*/
! NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
! mountpoint, p);
if ((error = namei(&nd)) != 0)
return (error);
NDFREE(&nd, NDF_ONLY_PNBUF);
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
