Changeset 16160 in vbox for trunk/src/VBox/HostDrivers/Support/solaris
- Timestamp:
- Jan 22, 2009 12:03:33 PM (16 years ago)
- svn:sync-xref-src-repo-rev:
- 41899
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/HostDrivers/Support/solaris/SUPDrv-solaris.c
r13865 r16160 695 695 int rc; 696 696 uint32_t cbBuf = 0; 697 SUPREQHDR Hdr; 697 union 698 { 699 SUPREQHDR Hdr; 700 uint8_t abBuf[64]; 701 } StackBuf; 698 702 PSUPREQHDR pHdr; 699 703 … … 702 706 * Read the header. 703 707 */ 704 if (RT_UNLIKELY(IOCPARM_LEN(iCmd) != sizeof( Hdr)))705 { 706 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: iCmd=%#x len %d expected %d\n", iCmd, IOCPARM_LEN(iCmd), sizeof( Hdr)));708 if (RT_UNLIKELY(IOCPARM_LEN(iCmd) != sizeof(StackBuf.Hdr))) 709 { 710 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: iCmd=%#x len %d expected %d\n", iCmd, IOCPARM_LEN(iCmd), sizeof(StackBuf.Hdr))); 707 711 return EINVAL; 708 712 } 709 rc = ddi_copyin((void *)iArg, & Hdr, sizeof(Hdr), Mode);713 rc = ddi_copyin((void *)iArg, &StackBuf.Hdr, sizeof(StackBuf.Hdr), Mode); 710 714 if (RT_UNLIKELY(rc)) 711 715 { … … 713 717 return EFAULT; 714 718 } 715 if (RT_UNLIKELY(( Hdr.fFlags & SUPREQHDR_FLAGS_MAGIC_MASK) != SUPREQHDR_FLAGS_MAGIC))716 { 717 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: bad header magic %#x; iCmd=%#x\n", Hdr.fFlags & SUPREQHDR_FLAGS_MAGIC_MASK, iCmd));719 if (RT_UNLIKELY((StackBuf.Hdr.fFlags & SUPREQHDR_FLAGS_MAGIC_MASK) != SUPREQHDR_FLAGS_MAGIC)) 720 { 721 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: bad header magic %#x; iCmd=%#x\n", StackBuf.Hdr.fFlags & SUPREQHDR_FLAGS_MAGIC_MASK, iCmd)); 718 722 return EINVAL; 719 723 } 720 cbBuf = RT_MAX( Hdr.cbIn,Hdr.cbOut);721 if (RT_UNLIKELY( Hdr.cbIn < sizeof(Hdr)722 || Hdr.cbOut < sizeof(Hdr)724 cbBuf = RT_MAX(StackBuf.Hdr.cbIn, StackBuf.Hdr.cbOut); 725 if (RT_UNLIKELY( StackBuf.Hdr.cbIn < sizeof(StackBuf.Hdr) 726 || StackBuf.Hdr.cbOut < sizeof(StackBuf.Hdr) 723 727 || cbBuf > _1M*16)) 724 728 { 725 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: max(%#x,%#x); iCmd=%#x\n", Hdr.cbIn,Hdr.cbOut, iCmd));729 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: max(%#x,%#x); iCmd=%#x\n", StackBuf.Hdr.cbIn, StackBuf.Hdr.cbOut, iCmd)); 726 730 return EINVAL; 727 731 } … … 730 734 * Buffer the request. 731 735 */ 732 pHdr = RTMemTmpAlloc(cbBuf); 733 if (RT_UNLIKELY(!pHdr)) 734 { 735 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: failed to allocate buffer of %d bytes for iCmd=%#x.\n", cbBuf, iCmd)); 736 return ENOMEM; 736 if (cbBuf <= sizeof(StackBuf)) 737 pHdr = &StackBuf.Hdr; 738 else 739 { 740 pHdr = RTMemTmpAlloc(cbBuf); 741 if (RT_UNLIKELY(!pHdr)) 742 { 743 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: failed to allocate buffer of %d bytes for iCmd=%#x.\n", cbBuf, iCmd)); 744 return ENOMEM; 745 } 737 746 } 738 747 rc = ddi_copyin((void *)iArg, pHdr, cbBuf, Mode); 739 748 if (RT_UNLIKELY(rc)) 740 749 { 741 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: copy_from_user(,%#lx, %#x) failed; iCmd=%#x. rc=%d\n", iArg, Hdr.cbIn, iCmd, rc)); 742 RTMemFree(pHdr); 750 LogRel((DEVICE_NAME ":VBoxDrvSolarisIOCtlSlow: copy_from_user(,%#lx, %#x) failed; iCmd=%#x. rc=%d\n", iArg, cbBuf, iCmd, rc)); 751 if (pHdr != &StackBuf.Hdr) 752 RTMemFree(pHdr); 743 753 return EFAULT; 744 754 } … … 748 758 */ 749 759 rc = supdrvIOCtl(iCmd, &g_DevExt, pSession, pHdr); 750 760 PFNRT a = RTMpIsCpuWorkPending; 761 751 762 /* 752 763 * Copy ioctl data and output buffer back to user space. … … 771 782 rc = EINVAL; 772 783 773 RTMemTmpFree(pHdr); 784 if (pHdr != &StackBuf.Hdr) 785 RTMemTmpFree(pHdr); 774 786 return rc; 775 787 }
Note:
See TracChangeset
for help on using the changeset viewer.
