From 2e806440f9c41db2a9aa3c7d6f1270a449c63af7 Mon Sep 17 00:00:00 2001 From: Roland McGrath Date: Mon, 21 Jul 2008 19:50:36 +0000 Subject: 2008-07-21 Roland McGrath * hurd/fd-read.c (_hurd_fd_read): Return EGRATUITOUS if the server returned too much data out of line. --- hurd/fd-read.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hurd/fd-read.c b/hurd/fd-read.c index 388a4dbaf9..d673c78e03 100644 --- a/hurd/fd-read.c +++ b/hurd/fd-read.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1993,94,95,97,99,2002 Free Software Foundation, Inc. +/* Copyright (C) 1993,94,95,97,99,2002,2008 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -41,6 +41,8 @@ _hurd_fd_read (struct hurd_fd *fd, void *buf, size_t *nbytes, loff_t offset) if (data != buf) { + if (nread > *nbytes) /* Sanity check for bogus server. */ + return EGRATUITOUS; memcpy (buf, data, nread); __vm_deallocate (__mach_task_self (), (vm_address_t) data, nread); } -- cgit 1.4.1