prevent longjmp / forkret from writing over tf->edi
		
							parent
							
								
									0dd4253747
								
							
						
					
					
						commit
						bd228a8156
					
				
					 3 changed files with 9 additions and 6 deletions
				
			
		
							
								
								
									
										5
									
								
								pipe.c
									
										
									
									
									
								
							
							
						
						
									
										5
									
								
								pipe.c
									
										
									
									
									
								
							|  | @ -61,6 +61,8 @@ pipe_alloc(struct fd **fd1, struct fd **fd2) | |||
| void | ||||
| pipe_close(struct pipe *p, int writeable) | ||||
| { | ||||
|   acquire(&p->lock); | ||||
| 
 | ||||
|   if(writeable){ | ||||
|     p->writeopen = 0; | ||||
|     wakeup(&p->readp); | ||||
|  | @ -68,6 +70,9 @@ pipe_close(struct pipe *p, int writeable) | |||
|     p->readopen = 0; | ||||
|     wakeup(&p->writep); | ||||
|   } | ||||
|    | ||||
|   release(&p->lock); | ||||
| 
 | ||||
|   if(p->readopen == 0 && p->writeopen == 0) | ||||
|     kfree((char *) p, PAGE); | ||||
| } | ||||
|  |  | |||
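Review bot: The closing test `if(p->readopen == 0 && p->writeopen == 0)` in pipe_close runs after `release(&p->lock)`, so the decision to free is made on unlocked state. If the read end and the write end are closed concurrently, both callers can drop the lock, both can then see the two flags clear, and both can reach `kfree((char *) p, PAGE)`; one caller may also still be reading `p` after the other has freed it. Take the decision while the lock is held, for example `int last = (p->readopen == 0 && p->writeopen == 0);` just before `release(&p->lock);`, followed by `if(last) kfree((char *) p, PAGE);`. A short comment should also say that the lock covers the open flags and the free decision.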
							
								
								
									
										2
									
								
								proc.c
									
										
									
									
									
								
							
							
						
						
									
										2
									
								
								proc.c
									
										
									
									
									
								
							|  | @ -109,7 +109,7 @@ copyproc(struct proc* p) | |||
|   // Set up new jmpbuf to start executing at forkret (see below).
 | ||||
|   memset(&np->jmpbuf, 0, sizeof np->jmpbuf); | ||||
|   np->jmpbuf.eip = (uint)forkret; | ||||
|   np->jmpbuf.esp = (uint)np->tf; | ||||
|   np->jmpbuf.esp = (uint)np->tf - 4; | ||||
| 
 | ||||
|   // Copy file descriptors
 | ||||
|   for(i = 0; i < NOFILE; i++){ | ||||
|  |  | |||
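Review bot: The new `np->jmpbuf.esp = (uint)np->tf - 4;` in copyproc has a bare `- 4` and no comment saying why the initial stack pointer sits one word below the trapframe. Going by the commit title, the extra slot presumably keeps whatever longjmp/forkret store at the initial esp from landing on tf->edi, but the hunk does not show that. A comment such as `// start esp one word below tf so the first stack write on the forkret path cannot land on tf->edi` would record the intent. Writing the offset as `sizeof(uint)` would also tie it to the word size rather than a literal. copyproc begins and ends outside this hunk.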
|  | @ -13,8 +13,7 @@ | |||
|  * System call number in %eax. | ||||
|  * Arguments on the stack, from the user call to the C | ||||
|  * library system call function. The saved user %esp points | ||||
|  * to a saved frame pointer, a program counter, and then | ||||
|  * the first argument. | ||||
|  * to a saved program counter, and then the first argument. | ||||
|  * | ||||
|  * Return value? Error indication? Errno? | ||||
|  */ | ||||
|  | @ -56,11 +55,11 @@ fetcharg(int argno, void *ip) | |||
| } | ||||
| 
 | ||||
| int | ||||
| putint(struct proc *p, uint addr, int ip) | ||||
| putint(struct proc *p, uint addr, int x) | ||||
| { | ||||
|   if(addr > p->sz - 4) | ||||
|     return -1; | ||||
|   memmove(p->mem + addr, &ip, 4); | ||||
|   memmove(p->mem + addr, &x, 4); | ||||
|   return 0; | ||||
| } | ||||
| 
 | ||||
|  | @ -269,7 +268,6 @@ syscall(void) | |||
|   int num = cp->tf->eax; | ||||
|   int ret = -1; | ||||
| 
 | ||||
|   //cprintf("%x sys %d\n", cp, num);
 | ||||
|   switch(num){ | ||||
|   case SYS_fork: | ||||
|     ret = sys_fork(); | ||||
|  |  | |||
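Review bot: The bounds check in putint, `if(addr > p->sz - 4)`, is carried over unchanged by the rename and wraps when `p->sz` is smaller than 4. `addr` is a `uint`, so the comparison is unsigned and `p->sz - 4` becomes a very large value; the check then accepts any `addr`, and the `memmove` writes outside the process image. The type of `p->sz` and whether a process can be that small are not visible here, so this may be unreachable in practice, but the guard is cheap: `if(p->sz < 4 || addr > p->sz - 4) return -1;`. Using `sizeof x` for both the check and the `memmove` length would keep the two in step.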
	 rtm
						rtm