xnu-1228.0.2.tar.gz

[apple/xnu.git] / osfmk / i386 / user_ldt.c

diff --git a/osfmk/i386/user_ldt.c b/osfmk/i386/user_ldt.c
index afb9795a3f4cec50088f57dbed5d96e45c1c63cb..87aab04269f469fc109f5675cbc8cbfc8459077e 100644 (file)
--- a/osfmk/i386/user_ldt.c
+++ b/osfmk/i386/user_ldt.c
@@ -1,5 +1,5 @@
 /*
 /*

- * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.

  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 


@@ -88,7 +88,7 @@ static void user_ldt_set_action(void *);
 
 int
 i386_set_ldt(
 
 int
 i386_set_ldt(

-       int                     *retval,
+       uint32_t                *retval,

        uint32_t                start_sel,
        uint32_t                descs,  /* out */
        uint32_t                num_sels)
        uint32_t                start_sel,
        uint32_t                descs,  /* out */
        uint32_t                num_sels)


@@ -106,7 +106,7 @@ i386_set_ldt(
            && (start_sel < min_selector || start_sel >= LDTSZ))
            return EINVAL;
        if (start_sel != LDT_AUTO_ALLOC
            && (start_sel < min_selector || start_sel >= LDTSZ))
            return EINVAL;
        if (start_sel != LDT_AUTO_ALLOC

-           && start_sel + num_sels > LDTSZ)
+           && (uint64_t)start_sel + (uint64_t)num_sels > LDTSZ) /* cast to uint64_t to detect wrap-around */

            return EINVAL;
 
        task_lock(task);
            return EINVAL;
 
        task_lock(task);


@@ -282,7 +282,7 @@ i386_set_ldt(
 
 int
 i386_get_ldt(
 
 int
 i386_get_ldt(

-       int                     *retval,
+       uint32_t                *retval,

        uint32_t                start_sel,
        uint32_t                descs,  /* out */
        uint32_t                num_sels)
        uint32_t                start_sel,
        uint32_t                descs,  /* out */
        uint32_t                num_sels)