hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-14 06:12:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Limit the amount of memory userspace processes can cause the kernel to

Browse Source 
allocate via DRI on r128 devices.

Obtained from:	Thomas Biege <thomas@suse.de>
Reviewed by:	scottl
This commit is contained in:
Robert Watson 2004-02-23 03:18:18 +00:00
parent 8720578d06
commit 033d9ae179
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=126137
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
sys/dev/drm/r128_state.c
View File

@ -917,6 +917,9 @@ static int r128_cce_dispatch_write_span( drm_device_t *dev,
DRM_DEBUG( "\n" );
count = depth->n;
if ( count > 4096 || count <= 0 ) {
return DRM_ERR(EMSGSIZE);
}
if ( DRM_COPY_FROM_USER( &x, depth->x, sizeof(x) ) ) {
return DRM_ERR(EFAULT);
}
@ -1010,9 +1013,16 @@ static int r128_cce_dispatch_write_pixels( drm_device_t *dev,
DRM_DEBUG( "\n" );
count = depth->n;
if ( count > 4096 || count <= 0 ) {
return DRM_ERR(EMSGSIZE);
}
xbuf_size = count * sizeof(*x);
ybuf_size = count * sizeof(*y);
if ( xbuf_size <= 0 || ybuf_size <= 0 ) {
return DRM_ERR(EMSGSIZE);
}
x = DRM_MALLOC( xbuf_size );
if ( x == NULL ) {
return DRM_ERR(ENOMEM);
@ -1127,6 +1137,10 @@ static int r128_cce_dispatch_read_span( drm_device_t *dev,
DRM_DEBUG( "\n" );
count = depth->n;
if ( count > 4096 || count <= 0 ) {
return DRM_ERR(EMSGSIZE);
}
if ( DRM_COPY_FROM_USER( &x, depth->x, sizeof(x) ) ) {
return DRM_ERR(EFAULT);
}
@ -1175,6 +1189,9 @@ static int r128_cce_dispatch_read_pixels( drm_device_t *dev,
xbuf_size = count * sizeof(*x);
ybuf_size = count * sizeof(*y);
if ( xbuf_size <= 0 || ybuf_size <= 0 ) {
return DRM_ERR(EMSGSIZE);
}
x = DRM_MALLOC( xbuf_size );
if ( x == NULL ) {
return DRM_ERR(ENOMEM);