From 1992ae5f95275306f3211d054d8bbd4d59258ebc Mon Sep 17 00:00:00 2001 From: mickey Date: Mon, 25 Mar 1996 18:02:55 +0000 Subject: [PATCH] Fixed bug while copying args in mount that may cause a crash. Types changes and so. --- sys/miscfs/umapfs/umap.h | 29 ++++++++++++++------------ sys/miscfs/umapfs/umap_subr.c | 36 ++++++++++++++++----------------- sys/miscfs/umapfs/umap_vfsops.c | 18 ++++++++--------- sys/miscfs/umapfs/umap_vnops.c | 25 +++++++++++------------ 4 files changed, 55 insertions(+), 53 deletions(-) diff --git a/sys/miscfs/umapfs/umap.h b/sys/miscfs/umapfs/umap.h index 955d2096435..07ffa6b6e70 100644 --- a/sys/miscfs/umapfs/umap.h +++ b/sys/miscfs/umapfs/umap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: umap.h,v 1.4 1996/03/02 00:08:02 niklas Exp $ */ +/* $OpenBSD: umap.h,v 1.5 1996/03/25 18:02:55 mickey Exp $ */ /* $NetBSD: umap.h,v 1.6 1996/02/09 22:41:00 christos Exp $ */ /* @@ -40,27 +40,30 @@ * @(#)umap.h 8.3 (Berkeley) 1/21/94 */ -#define MAPFILEENTRIES 64 +#define UMAPFILEENTRIES 64 #define GMAPFILEENTRIES 16 #define NOBODY 32767 #define NULLGROUP 65534 +typedef u_int32_t id_t; +typedef id_t (*id_map_t)[2]; + struct umap_args { - char *target; /* Target of loopback */ - int nentries; /* # of entries in user map array */ - int gnentries; /* # of entries in group map array */ - u_long (*mapdata)[2]; /* pointer to array of user mappings */ - u_long (*gmapdata)[2]; /* pointer to array of group mappings */ + char *target; /* Target of loopback */ + int unentries; /* # of entries in user map array */ + int gnentries; /* # of entries in group map array */ + id_map_t umapdata; /* pointer to array of user mappings */ + id_map_t gmapdata; /* pointer to array of group mappings */ }; struct umap_mount { struct mount *umapm_vfs; struct vnode *umapm_rootvp; /* Reference to root umap_node */ - int info_nentries; /* number of uid mappings */ + int info_unentries; /* number of uid mappings */ int info_gnentries; /* number of gid mappings */ - u_long info_mapdata[MAPFILEENTRIES][2]; /* mapping data for + id_t info_umapdata[UMAPFILEENTRIES][2]; /* mapping data for user mapping in ficus */ - u_long info_gmapdata[GMAPFILEENTRIES][2]; /*mapping data for + id_t info_gmapdata[GMAPFILEENTRIES][2]; /*mapping data for group mapping in ficus */ }; @@ -74,9 +77,9 @@ struct umap_node { struct vnode *umap_vnode; /* Back pointer to vnode/umap_node */ }; -extern int umap_node_create __P((struct mount *mp, struct vnode *target, struct vnode **vpp)); -extern u_long umap_reverse_findid __P((u_long id, u_long map[][2], int nentries)); -extern void umap_mapids __P((struct mount *v_mount, struct ucred *credp)); +extern int umap_node_create __P((struct mount *mp, struct vnode *target, struct vnode **vpp)); +extern id_t umap_reverse_findid __P((id_t id, id_map_t, int nentries)); +extern void umap_mapids __P((struct mount *v_mount, struct ucred *credp)); #define MOUNTTOUMAPMOUNT(mp) ((struct umap_mount *)((mp)->mnt_data)) #define VTOUMAP(vp) ((struct umap_node *)(vp)->v_data) diff --git a/sys/miscfs/umapfs/umap_subr.c b/sys/miscfs/umapfs/umap_subr.c index 45f555eda0a..744785e4593 100644 --- a/sys/miscfs/umapfs/umap_subr.c +++ b/sys/miscfs/umapfs/umap_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umap_subr.c,v 1.5 1996/03/19 21:10:42 mickey Exp $ */ +/* $OpenBSD: umap_subr.c,v 1.6 1996/03/25 18:02:56 mickey Exp $ */ /* $NetBSD: umap_subr.c,v 1.7 1996/02/09 22:41:02 christos Exp $ */ /* @@ -67,7 +67,7 @@ LIST_HEAD(umap_node_hashhead, umap_node) *umap_node_hashtbl; u_long umap_node_hash; -static u_long umap_findid __P((u_long, u_long [][2], int)); +static id_t umap_findid __P((id_t, id_map_t, int)); static struct vnode *umap_node_find __P((struct mount *, struct vnode *)); static int umap_node_alloc __P((struct mount *, struct vnode *, struct vnode **)); @@ -89,15 +89,15 @@ umapfs_init() * umap_findid is called by various routines in umap_vnodeops.c to * find a user or group id in a map. */ -static u_long +static id_t umap_findid(id, map, nentries) - u_long id; - u_long map[][2]; - int nentries; + id_t id; + id_map_t map; + int nentries; { int i; - /* Find uid entry in map */ + /* Find {g,u}id entry in map */ i = 0; while ((iinfo_nentries; - usermap = MOUNTTOUMAPMOUNT(v_mount)->info_mapdata; + unentries = MOUNTTOUMAPMOUNT(v_mount)->info_unentries; + usermap = MOUNTTOUMAPMOUNT(v_mount)->info_umapdata; gnentries = MOUNTTOUMAPMOUNT(v_mount)->info_gnentries; - groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata; + groupmap = MOUNTTOUMAPMOUNT(v_mount)->info_gmapdata; /* Find uid entry in map */ diff --git a/sys/miscfs/umapfs/umap_vfsops.c b/sys/miscfs/umapfs/umap_vfsops.c index e12c7fbc296..cfc47b3469e 100644 --- a/sys/miscfs/umapfs/umap_vfsops.c +++ b/sys/miscfs/umapfs/umap_vfsops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umap_vfsops.c,v 1.4 1996/03/19 21:10:43 mickey Exp $ */ +/* $OpenBSD: umap_vfsops.c,v 1.5 1996/03/25 18:02:57 mickey Exp $ */ /* $NetBSD: umap_vfsops.c,v 1.9 1996/02/09 22:41:05 christos Exp $ */ /* @@ -85,7 +85,7 @@ umapfs_mount(mp, path, data, ndp, p) struct vnode *umapm_rootvp; struct umap_mount *amp; size_t size; - int error,i; + int error,i; #ifdef UMAPFS_DIAGNOSTIC printf("umapfs_mount(mp = %x)\n", mp); @@ -144,22 +144,22 @@ umapfs_mount(mp, path, data, ndp, p) /* * Now copy in the number of entries and maps for umap mapping. */ - amp->info_nentries = args.nentries; + amp->info_unentries = args.unentries; amp->info_gnentries = args.gnentries; - error = copyin(args.mapdata, (caddr_t)amp->info_mapdata, - 2*sizeof(u_long)*args.nentries); + error = copyin(args.umapdata, (caddr_t)amp->info_umapdata, + 2*sizeof(**amp->info_umapdata)*args.unentries); if (error) return (error); #ifdef UMAPFS_DIAGNOSTIC - printf("umap_mount:nentries %d\n",args.nentries); + printf("umap_mount:unentries %d\n",args.unentries); for (i = 0; i < args.nentries; i++) - printf(" %d maps to %d\n", amp->info_mapdata[i][0], - amp->info_mapdata[i][1]); + printf(" %d maps to %d\n", amp->info_umapdata[i][0], + amp->info_umapdata[i][1]); #endif error = copyin(args.gmapdata, (caddr_t)amp->info_gmapdata, - 2*sizeof(u_long)*args.nentries); + 2*sizeof(**amp->info_gmapdata)*args.gnentries); if (error) return (error); diff --git a/sys/miscfs/umapfs/umap_vnops.c b/sys/miscfs/umapfs/umap_vnops.c index 849cfb8cae5..bc5a0896daf 100644 --- a/sys/miscfs/umapfs/umap_vnops.c +++ b/sys/miscfs/umapfs/umap_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umap_vnops.c,v 1.3 1996/02/29 13:08:07 niklas Exp $ */ +/* $OpenBSD: umap_vnops.c,v 1.4 1996/03/25 18:02:58 mickey Exp $ */ /* $NetBSD: umap_vnops.c,v 1.5 1996/02/09 22:41:06 christos Exp $ */ /* @@ -304,13 +304,12 @@ umap_getattr(v) struct ucred *a_cred; struct proc *a_p; } */ *ap = v; - uid_t uid; - gid_t gid; - int error, tmpid, nentries, gnentries; - u_long (*mapdata)[2]; - u_long (*gmapdata)[2]; - struct vnode **vp1p; - struct vnodeop_desc *descp = ap->a_desc; + uid_t uid; + gid_t gid; + int error, tmpid, unentries, gnentries; + id_map_t umapdata, gmapdata; + struct vnode **vp1p; + struct vnodeop_desc *descp = ap->a_desc; if ((error = umap_bypass(ap)) != 0) return (error); @@ -337,15 +336,15 @@ umap_getattr(v) gid); vp1p = VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[0], ap); - nentries = MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_nentries; - mapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_mapdata); + unentries = MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_unentries; + umapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_umapdata); gnentries = MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_gnentries; - gmapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_gmapdata); + gmapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_gmapdata); /* Reverse map the uid for the vnode. Since it's a reverse map, we can't use umap_mapids() to do it. */ - tmpid = umap_reverse_findid(uid, mapdata, nentries); + tmpid = umap_reverse_findid(uid, umapdata, unentries); if (tmpid != -1) { ap->a_vap->va_uid = (uid_t) tmpid; @@ -478,7 +477,7 @@ umap_rename(v) /* * Rename is irregular, having two componentname structures. - * We need to map the cre in the second structure, + * We need to map the cred in the second structure, * and then bypass takes care of the rest. */ -- 2.20.1