1*9de6b717Sdp /*
2*9de6b717Sdp  * CDDL HEADER START
3*9de6b717Sdp  *
4*9de6b717Sdp  * The contents of this file are subject to the terms of the
5*9de6b717Sdp  * Common Development and Distribution License (the "License").
6*9de6b717Sdp  * You may not use this file except in compliance with the License.
7*9de6b717Sdp  *
8*9de6b717Sdp  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*9de6b717Sdp  * or http://www.opensolaris.org/os/licensing.
10*9de6b717Sdp  * See the License for the specific language governing permissions
11*9de6b717Sdp  * and limitations under the License.
12*9de6b717Sdp  *
13*9de6b717Sdp  * When distributing Covered Code, include this CDDL HEADER in each
14*9de6b717Sdp  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*9de6b717Sdp  * If applicable, add the following below this CDDL HEADER, with the
16*9de6b717Sdp  * fields enclosed by brackets "[]" replaced with your own identifying
17*9de6b717Sdp  * information: Portions Copyright [yyyy] [name of copyright owner]
18*9de6b717Sdp  *
19*9de6b717Sdp  * CDDL HEADER END
20*9de6b717Sdp  */
21*9de6b717Sdp 
22*9de6b717Sdp /*
23*9de6b717Sdp  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
24*9de6b717Sdp  * Use is subject to license terms.
25*9de6b717Sdp  */
26*9de6b717Sdp 
27*9de6b717Sdp /*
28*9de6b717Sdp  * Test that there is no value of 'size' which can be passed to copyin
29*9de6b717Sdp  * to cause mischief.  The somewhat odd order of operations ensures
30*9de6b717Sdp  * that we test both size = 0 and size = 0xfff...fff
31*9de6b717Sdp  */
32*9de6b717Sdp #include <sys/types.h>
33*9de6b717Sdp 
34*9de6b717Sdp 
35*9de6b717Sdp #if defined(_LP64)
36*9de6b717Sdp #define MAX_BITS 63
37*9de6b717Sdp size_t size;
38*9de6b717Sdp #else
39*9de6b717Sdp #define MAX_BITS 31
40*9de6b717Sdp size_t size;
41*9de6b717Sdp #endif
42*9de6b717Sdp 
43*9de6b717Sdp syscall:::
44*9de6b717Sdp /pid == $pid/
45*9de6b717Sdp {
46*9de6b717Sdp 	printf("size = 0x%lx\n", (ulong_t)size);
47*9de6b717Sdp }
48*9de6b717Sdp 
49*9de6b717Sdp syscall:::
50*9de6b717Sdp /pid == $pid/
51*9de6b717Sdp {
52*9de6b717Sdp 	tracemem(copyin(curthread->t_procp->p_user.u_envp, size), 10);
53*9de6b717Sdp }
54*9de6b717Sdp 
55*9de6b717Sdp syscall:::
56*9de6b717Sdp /pid == $pid && size > (1 << MAX_BITS)/
57*9de6b717Sdp {
58*9de6b717Sdp 	exit(0);
59*9de6b717Sdp }
60*9de6b717Sdp 
61*9de6b717Sdp syscall:::
62*9de6b717Sdp /pid == $pid/
63*9de6b717Sdp {
64*9de6b717Sdp 	size = (size << 1ULL) | 1ULL;
65*9de6b717Sdp }
66