--- a/usr/src/uts/common/os/sunndi.c Fri Aug 01 15:20:07 2008 -0700
+++ b/usr/src/uts/common/os/sunndi.c Fri Aug 01 15:34:10 2008 -0700
@@ -367,7 +367,8 @@
* copyin and unpack a user defined nvlist if one was passed
*/
if (dcp->nvl_user != NULL) {
- if (dcp->nvl_usersz == 0) {
+ if ((dcp->nvl_usersz == 0) ||
+ (dcp->nvl_usersz > DEVCTL_MAX_NVL_USERSZ)) {
if (dcp->c_nodename != NULL)
kmem_free(dcp->c_nodename, MAXNAMELEN);
if (dcp->c_unitaddr != NULL)
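Review bot: The added test `dcp->nvl_usersz > DEVCTL_MAX_NVL_USERSZ` only bounds the request if `nvl_usersz` is an unsigned type; its declaration is not visible in this hunk, so confirm that a negative value cannot slip past the comparison and reach the allocation. The oversized case also shares the cleanup and return path of the zero-size case, so a caller presumably cannot distinguish "too large" from "empty". The return statement is outside the hunk, so check that the errno is the intended one. The block comment above the test still describes only the copyin and unpack; I would extend it with `reject a zero or oversized nvl_usersz before it is used to size the kernel buffer`. The enclosing function starts and ends outside the hunk.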
--- a/usr/src/uts/common/sys/devctl.h Fri Aug 01 15:20:07 2008 -0700
+++ b/usr/src/uts/common/sys/devctl.h Fri Aug 01 15:34:10 2008 -0700
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -74,6 +73,12 @@
#endif
/*
+ * Limit size of packed application defined attributes (nvl_user) to prevent
+ * user application from requesting excessive kernel memory allocation.
+ */
+#define DEVCTL_MAX_NVL_USERSZ 0x10000
+
+/*
* State of receptacle for an Attachment Point.
*/
typedef enum {
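Review bot: The comment on `DEVCTL_MAX_NVL_USERSZ` does not say that the limit is in bytes, nor that the check in sunndi.c accepts a size exactly equal to it. I would word it as `Limit size (in bytes, inclusive) of packed application defined attributes (nvl_user) ...` so that code packing an nvlist against this header knows the exact boundary. A short note on why 0x10000 was chosen would help whoever needs to adjust the cap later.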