In the last episode (Dec 01), JINMEI Tatuya / 神明達哉 said:
> The first call to sysctl sets 'l' to 0, since the list is empty. Then
> the malloc returns '0x800' as a *valid pointer*. But in the second
> call to sysctl, the kernel rejects this pointer at line 1299 of
> sys/kern/kern_sysctl.c:
>
> userland_sysctl(struct thread *td, int *name, u_int namelen, void *old,
>     size_t *oldlenp, int inkernel, void *new, size_t newlen, size_t *retval)
> {
>
> (...)
>
>         if (old) {
> -->             if (!useracc(old, req.oldlen, VM_PROT_WRITE))
> -->                     return (EFAULT);
>
> and so we'll see

The bug is in useracc, I think. It should probably return true
immediately if len is zero, since it's okay to read or write zero bytes
from any pointer. A workaround would be to just skip the sysctl if
there is nothing to read.

-- 
	Dan Nelson
	dnelson_at_allantgroup.com
Received on Wed Dec 01 2004 - 06:07:01 UTC
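The two-call sysctl pattern under discussion (ask for the length, allocate, fetch) and its zero-length corner case, as an added example that is not code from this thread or from FreeBSD. It is a user-space model: every `sim_*` function is a constructed stand-in for the kernel or libc (`sim_useracc`, `sim_sysctl`, `sim_malloc`), the in-kernel list and its contents are constructed sample data, and the `0x800` sentinel only mirrors the value quoted in the report. The `guard` flag is the caller-side workaround from the reply; the `kernel_fixed` flag models useracc returning true immediately for a zero length.

```c
/* Added example, not code from the thread or from FreeBSD: a user-space
 * model of query-length / allocate / fetch and of the zero-length case.
 * All sim_* names are constructed stand-ins for the kernel or libc. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SIM_LIST_MAX 8
static int sim_list[SIM_LIST_MAX];      /* constructed kernel-side list */
static size_t sim_list_count;

/* Constructed: a fixed, unmapped address a malloc(0) may hand out
 * (the report quotes 0x800). */
#define SIM_ZERO_SIZE_PTR ((void *)0x800)

/* Constructed: the only region the "kernel" treats as a valid user mapping. */
static unsigned char sim_user_region[SIM_LIST_MAX * sizeof(int)];

/* 0: pointer is validated even when len is 0 (behaviour in the report);
 * 1: useracc returns true immediately for len 0 (suggested fix). */
static int sim_useracc_fixed;

void sim_set_list(const int *vals, size_t n)
{
    if (n > SIM_LIST_MAX) n = SIM_LIST_MAX;
    if (n) memcpy(sim_list, vals, n * sizeof(int));
    sim_list_count = n;
}

void sim_set_useracc_fixed(int on) { sim_useracc_fixed = on; }

/* Stand-in for useracc(): is [addr, addr+len) inside the user mapping? */
static int sim_useracc(const void *addr, size_t len)
{
    uintptr_t a = (uintptr_t)addr, lo = (uintptr_t)sim_user_region;
    if (sim_useracc_fixed && len == 0) return 1;
    return a >= lo && a + len <= lo + sizeof sim_user_region;
}

/* Stand-in for userland_sysctl(): old == NULL asks for the size only.
 * Keeps the order of the quoted code: the pointer is checked first. */
static int sim_sysctl(void *old, size_t *oldlenp)
{
    size_t avail = sim_list_count * sizeof(int);
    if (old != NULL && !sim_useracc(old, *oldlenp)) return EFAULT;
    if (old == NULL) { *oldlenp = avail; return 0; }
    if (*oldlenp < avail) return ENOMEM;
    if (avail) memcpy(old, sim_list, avail);
    *oldlenp = avail;
    return 0;
}

/* Stand-in for malloc(): a 0-byte request yields the unmapped sentinel. */
static void *sim_malloc(size_t len)
{
    if (len == 0) return SIM_ZERO_SIZE_PTR;
    return len <= sizeof sim_user_region ? sim_user_region : NULL;
}

/* Two-call fetch.  With guard != 0 the second call is skipped when the
 * first reports nothing to read (the workaround from the reply).
 * Returns 0 or an errno value; *count receives the number of ints. */
int fetch_list(int *out, size_t *count, int guard)
{
    size_t len = 0;
    int err = sim_sysctl(NULL, &len);       /* 1: ask for the length */
    if (err) return err;
    if (guard && len == 0) { *count = 0; return 0; }
    void *buf = sim_malloc(len);            /* 2: allocate */
    if (buf == NULL) return ENOMEM;
    err = sim_sysctl(buf, &len);            /* 3: fetch */
    if (err) return err;
    if (len) memcpy(out, buf, len);
    *count = len / sizeof(int);
    return 0;
}

/* Scenario: empty list; returns the errno fetch_list produced. */
int demo_empty_list(int kernel_fixed, int guard)
{
    int out[SIM_LIST_MAX];
    size_t n = 99;
    sim_set_list(NULL, 0);
    sim_set_useracc_fixed(kernel_fixed);
    return fetch_list(out, &n, guard);
}

/* Scenario: three entries (constructed); returns their sum, -1 on error. */
int demo_nonempty_sum(void)
{
    static const int vals[3] = {7, 8, 9};
    int out[SIM_LIST_MAX], sum = 0;
    size_t n = 0;
    sim_set_list(vals, 3);
    sim_set_useracc_fixed(0);
    if (fetch_list(out, &n, 1) != 0 || n != 3) return -1;
    for (size_t i = 0; i < n; i++) sum += out[i];
    return sum;
}
```

With the empty list, `demo_empty_list(0, 0)` reproduces the report (EFAULT from the unchecked second call), `demo_empty_list(0, 1)` shows the caller-side workaround succeeding against the unchanged kernel, and `demo_empty_list(1, 0)` shows that the useracc change alone also makes the naive caller succeed. In real code the two `sim_` calls in `fetch_list` become `sysctl(3)` and `malloc(3)`; the length guard is the only caller-side change.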
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:23 UTC