netbsd: fix potential panic (#519)
The code was assuming that the syscall returns either -1 or the provided length.
Fix the code to account for potentially bad return values.
newpavlov authored Oct 16, 2024
1 parent 1c029c8 commit ce35c67
Showing 2 changed files with 12 additions and 6 deletions.
9 changes: 5 additions & 4 deletions .github/workflows/nopanic.yaml
@@ -74,6 +74,7 @@ jobs:
toolchain: stable
components: rust-src
targets: aarch64-unknown-linux-gnu,x86_64-unknown-netbsd,x86_64-unknown-freebsd,x86_64-pc-solaris
# TODO: use pre-compiled cross after a new (post-0.2.5) release
- name: Install cross
run: cargo install cross --git https://github.com/cross-rs/cross

@@ -89,10 +90,10 @@ jobs:
- name: Check (getrandom.rs)
run: ret=$(grep panic target/x86_64-unknown-freebsd/release/libgetrandom_wrapper.so; echo $?); [ $ret -eq 1 ]

# - name: Build (netbsd.rs)
# run: cross build --release --target=x86_64-unknown-netbsd
# - name: Check (netbsd.rs)
# run: ret=$(grep panic target/x86_64-unknown-netbsd/release/libgetrandom_wrapper.so; echo $?); [ $ret -eq 1 ]
- name: Build (netbsd.rs)
run: cross build --release --target=x86_64-unknown-netbsd
- name: Check (netbsd.rs)
run: ret=$(grep panic target/x86_64-unknown-netbsd/release/libgetrandom_wrapper.so; echo $?); [ $ret -eq 1 ]

# - name: Build (solaris.rs)
# run: cross build --release --target=x86_64-pc-solaris
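Review bot: The `Install cross` step under the new TODO still runs `cargo install cross --git https://github.com/cross-rs/cross` with no revision, so each CI run builds whatever is on that repository's default branch at that moment. Until the pre-compiled release mentioned in the TODO is available, I would pin it, e.g. `run: cargo install cross --locked --git https://github.com/cross-rs/cross --rev <COMMIT_SHA>` (placeholder; pick a reviewed commit), so the no-panic job is reproducible and an upstream change cannot silently alter the build tool. The re-enabled NetBSD `Check` step only greps the built library for the string `panic`; it does not exercise the function at run time, so return-value handling in `netbsd.rs` is not covered by this job.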
9 changes: 7 additions & 2 deletions src/netbsd.rs
@@ -25,12 +25,17 @@ unsafe extern "C" fn polyfill_using_kern_arand(
// NetBSD will only return up to 256 bytes at a time, and
// older NetBSD kernels will fail on longer buffers.
let mut len = cmp::min(buflen, 256);
let expected_ret = libc::c_int::try_from(len).expect("len is bounded by 256");

let ret = unsafe { libc::sysctl(MIB.as_ptr(), MIB_LEN, buf, &mut len, ptr::null(), 0) };
if ret == -1 {

if ret == expected_ret {
libc::ssize_t::try_from(ret).expect("len is bounded by 256")
} else if ret == -1 {
-1
} else {
libc::ssize_t::try_from(len).expect("len is bounded by 256")
// Zero return result will be converted into `Error::UNEXPECTED` by `sys_fill_exact`
0
}
}
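Review bot: The success branch `if ret == expected_ret` compares the return value of `libc::sysctl` with the requested length, but sysctl(3) is documented to return 0 on success and -1 on error, reporting the number of bytes written through the `&mut len` out-parameter. As written, a successful call with a non-zero `len` would fall through to the final `else` and return 0, which the comment there says becomes `Error::UNEXPECTED`, so the polyfill would fail instead of delivering random bytes. I would test the status and the written length separately, `if ret == 0 && len <= 256 {` followed by `libc::ssize_t::try_from(len).expect("len is bounded by 256")`, and drop `expected_ret`; returning the kernel-updated `len` also keeps a short write from being reported as a full fill. The function's signature and the `MIB` definition are above the hunk, so this is based on the visible lines only.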

