From: kevans Date: Thu, 12 Sep 2019 13:51:43 +0000 (+0000) Subject: kenv: assert that an empty static buffer passed in is "empty" X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=a93af05fb91da0853f7ea9ca26e1ed60b67d1924;p=freebsd.git kenv: assert that an empty static buffer passed in is "empty" Garbage in the passed-in buffer can cause problems if any attempts to read the kenv are inadvertently made between init_static_kenv and the first kern_setenv -- assuming there is one. This is cheap and easy, so do it. This also helps rule out some class of bugs as one tries to debug; tunables fetch from the static environment up until SI_SUB_KMEM + 1, and many of these buffers are global ~4k buffers that rely on BSS clearing while others just grab a page of free memory and use it (e.g. xen). --- diff --git a/sys/kern/kern_environment.c b/sys/kern/kern_environment.c index af3449f2b0b..f7be09b6eb7 100644 --- a/sys/kern/kern_environment.c +++ b/sys/kern/kern_environment.c @@ -250,6 +250,8 @@ init_static_kenv(char *buf, size_t len) char *eval; KASSERT(!dynamic_kenv, ("kenv: dynamic_kenv already initialized")); + KASSERT(len == 0 || *buf == '\0', + ("kenv: sized buffer must be initially empty")); /* * We may be called twice, with the second call needed to relocate
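Review bot: the new KASSERT in init_static_kenv only inspects the first byte of the sized buffer (`*buf == '\0'`), so it detects a buffer whose start is non-empty but not stale bytes that follow an initial NUL; given the message's point that some callers hand over an arbitrary free page (the xen case) rather than a BSS-cleared buffer, a comment next to the assertion stating that "empty" means "first byte is NUL" (the terminator of an environment with no entries) would make the contract explicit for those callers. Worth also noting in the commit message that KASSERT is active only in INVARIANTS builds, so this is a debugging aid that rules out the garbage-buffer class of bugs during development rather than a runtime guard on production kernels, which matches the "cheap and easy" framing. The `len == 0 ||` short-circuit correctly keeps the check from dereferencing buf for the zero-length (pre-populated static env) case.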