[illumos-Developer] Webrev for bug 1102: Resource exhaustion in sftp client
Gordon Ross
gordon.w.ross at gmail.com
Sat Jun 18 19:54:45 PDT 2011
I wasn't going to bother mentioning this but I guess I will.
If you go into this code again, you might want to consider
using a structure instead of an array of three integers.
I think that would look better, be more terse, etc.
On Sat, Jun 18, 2011 at 3:26 PM, Albert Lee <trisk at opensolaris.org> wrote:
> I have some style nits I think are still worth mentioning, even though
> this is foreign code exempt from cstyle. There are indentation
> changes, and a couple of other added return statements which are
> inconsistent with both upstream and illumos/ON style.
>
> e.g.:
> - newsize + *limitp >= (u_int) get_arg_max()) {
> + (newsize + limit[GLOB_INDEX_MALLOC]) >= GLOB_LIMIT_MALLOC) {
> errno = 0;
> - return(GLOB_NOSPACE);
> + return GLOB_NOSPACE;
>
> (Also seems more natural for GLOB_INDEX_* to be enums).
>
> -Albert
>
> On Tue, Jun 14, 2011 at 10:27 AM, Gordon Ross <gordon.w.ross at gmail.com> wrote:
>> On Tue, Jun 14, 2011 at 8:25 AM, Gary Mills <mills at cc.umanitoba.ca> wrote:
>>> On Fri, Jun 10, 2011 at 10:05:25AM -0500, Gary Mills wrote:
>>>> This is for illumos bug 1102: Resource exhaustion in sftp client.
>>>> It's essentially the netbsd patches applied to the private glob
>>>> library used by sftp. This is not a security vulnerability as it's on
>>>> the client side only. Nevertheless, the BSD variants have been
>>>> patched to prevent resource exhaustion. My webrev is at:
>>>>
>>>> http://cr.illumos.org/view/qle4ugwg/illumos1102/
>>>
>>> Is there no interest in this one?
>>
>> Sorry, I guess everyone was busy.
>> Looks good.
>>
>> Gordon
>>
>> _______________________________________________
>> Developer mailing list
>> Developer at lists.illumos.org
>> http://lists.illumos.org/m/listinfo/developer
>>
>
More information about the Developer
mailing list