878b30c0bc
Without this fix, fspread is trusting the server to return as much data as requested, or less. If a server responds with more data though, fspread writes beyond the bounds of the buffer to fill, which is passed in by the caller. It depends on the caller of fspread() where that buffer is, so there are various possible attack vectors. In the Plan9 kernel, I found this implemented in devmnt.c, where overly large responses are truncated to the size requested before copying, so I assume that this strategy works here too. This also affects fsread() and fsreadn(), which are based on fspread().
This is a port of many Plan 9 libraries and programs to Unix.
Installation
To install, run ./INSTALL. It builds mk and then uses mk to run the rest of the installation.
For more details, see install(1), at install.txt in this directory and at https://9fans.github.io/plan9port/man/man1/install.html.
Documentation
See https://9fans.github.io/plan9port/man/ for more documentation. (Documentation is also in this tree, but you need to run a successful install first. After that, "9 man 1 intro".)
Intro(1) contains a list of man pages that describe new features or differences from Plan 9.
Helping out
If you'd like to help out, great!
If you port this code to other architectures, please share your changes so others can benefit.
Git
You can use Git to keep your local copy up-to-date as we make changes and fix bugs. See the git(1) man page here ("9 man git") for details on using Git.
Status
Contact
-
Mailing list: https://groups.google.com/group/plan9port-dev
-
Issue tracker: https://github.com/9fans/plan9port/issues
-
Submitting changes: https://github.com/9fans/plan9port/pulls
-
Russ Cox rsc@swtch.com