mirror of
https://github.com/opnsense/src.git
synced 2026-05-28 04:12:45 -04:00
3e49891270
An initial reading of the preamble of sys_procctl() gives the impression that no test prevents a malicious user from passing a negative commands index (in 'uap->com'), which is soon used as an index into the static array procctl_cmds_info[]. However, a closer examination leads to the conclusion that the existing code is technically correct. Indeed, the comparison of 'uap->com' to the nitems() expression, which expands to a ratio of sizeof(), leads to a conversion of 'uap->com' to an 'unsigned int' as per Usual Arithmetic Conversions/Integer Promotions applied by '<=', because sizeof() returns 'size_t' values, and we define 'size_t' as an equivalent of 'unsigned int' (which is not mandated by the standard, the latter allowing, e.g., integers of lower ranks). With this conversion, negative values of 'uap->com' are automatically ruled-out since they are converted to very big unsigned integers which are caught by the test. An analysis of assembly code produced by LLVM 16 on amd64 and practical tests confirm that no exploitation is possible. However, the guard code as written is misleading to readers and might trip up static analysis tools. Make sure that negative values are explicitly excluded so that it is immediately clear that EINVAL will be returned in this case. Build tested with clang 16 and GCC 12. Approved by: markj (mentor) MFC after: 1 week Sponsored by: The FreeBSD Foundation (cherry picked from commit afc10f8bba3dd293a66461aaca41237c986b6ca7) Approved by: emaste (mentor) |
||
|---|---|---|
| .. | ||
| amd64 | ||
| arm | ||
| arm64 | ||
| bsm | ||
| cam | ||
| cddl | ||
| compat | ||
| conf | ||
| contrib | ||
| crypto | ||
| ddb | ||
| dev | ||
| dts | ||
| fs | ||
| gdb | ||
| geom | ||
| gnu | ||
| i386 | ||
| isa | ||
| kern | ||
| kgssapi | ||
| libkern | ||
| modules | ||
| net | ||
| net80211 | ||
| netgraph | ||
| netinet | ||
| netinet6 | ||
| netipsec | ||
| netlink | ||
| netpfil | ||
| netsmb | ||
| nfs | ||
| nfsclient | ||
| nfsserver | ||
| nlm | ||
| ofed | ||
| opencrypto | ||
| powerpc | ||
| riscv | ||
| rpc | ||
| security | ||
| sys | ||
| teken | ||
| tests | ||
| tools | ||
| ufs | ||
| vm | ||
| x86 | ||
| xdr | ||
| xen | ||
| Makefile | ||
| README.md | ||
FreeBSD Kernel Source:
This directory contains the source files and build glue that make up the FreeBSD kernel and its modules, including both original and contributed software.
Kernel configuration files are located in the conf/ subdirectory of each
architecture. GENERIC is the configuration used in release builds. NOTES
contains documentation of all possible entries. LINT is a compile-only
configuration used to maximize build coverage and detect regressions.
Documentation:
Source code documentation is maintained in a set of man pages, under section 9.
These pages are located in share/man/man9, from the
top-level of the src tree. Consult intro(9)
for an overview of existing pages.
Some additional high-level documentation of the kernel is maintained in the Architecture Handbook.
Source Roadmap:
| Directory | Description |
|---|---|
| amd64 | AMD64 (64-bit x86) architecture support |
| arm | 32-bit ARM architecture support |
| arm64 | 64-bit ARM (AArch64) architecture support |
| cam | Common Access Method storage subsystem - cam(4) and ctl(4) |
| cddl | CDDL-licensed optional sources such as DTrace |
| conf | kernel build glue |
| compat | Linux compatibility layer, FreeBSD 32-bit compatibility |
| contrib | 3rd-party imported software such as OpenZFS |
| crypto | crypto drivers |
| ddb | interactive kernel debugger - ddb(4) |
| fs | most filesystems, excluding UFS, NFS, and ZFS |
| dev | device drivers and other arch independent code |
| gdb | kernel remote GDB stub - gdb(4) |
| geom | GEOM framework - geom(4) |
| i386 | i386 (32-bit x86) architecture support |
| kern | main part of the kernel |
| libkern | libc-like and other support functions for kernel use |
| modules | kernel module infrastructure |
| net | core networking code |
| net80211 | wireless networking (IEEE 802.11) - net80211(4) |
| netgraph | graph-based networking subsystem - netgraph(4) |
| netinet | IPv4 protocol implementation - inet(4) |
| netinet6 | IPv6 protocol implementation - inet6(4) |
| netipsec | IPsec protocol implementation - ipsec(4) |
| netpfil | packet filters - ipfw(4), pf(4), and ipfilter(4) |
| opencrypto | OpenCrypto framework - crypto(7) |
| powerpc | PowerPC/POWER (32 and 64-bit) architecture support |
| riscv | 64-bit RISC-V architecture support |
| security | security facilities - audit(4) and mac(4) |
| sys | kernel headers |
| tests | kernel unit tests |
| ufs | Unix File System - ffs(7) |
| vm | virtual memory system |
| x86 | code shared by AMD64 and i386 architectures |