Print this page
3953 Calling ::list without specifying the name of the next member causes mdb to core dump
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
@@ -22,11 +22,11 @@
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
- * Copyright (c) 2012 by Delphix. All rights reserved.
+ * Copyright (c) 2013 by Delphix. All rights reserved.
* Copyright (c) 2012 Joyent, Inc. All rights reserved.
*/
#include <mdb/mdb_modapi.h>
#include <mdb/mdb_target.h>
@@ -705,13 +705,14 @@
return (DCMD_USAGE);
if (argv->a_type != MDB_TYPE_STRING) {
/*
* We are being given a raw offset in lieu of a type and
- * member; confirm the arguments.
+ * member; confirm the number of arguments and argument
+ * type.
*/
- if (argv->a_type != MDB_TYPE_IMMEDIATE)
+ if (argc != 1 || argv->a_type != MDB_TYPE_IMMEDIATE)
return (DCMD_USAGE);
offset = argv->a_un.a_val;
argv++;
@@ -724,10 +725,17 @@
} else {
const char *member;
char buf[MDB_SYM_NAMLEN];
int ret;
+ /*
+ * Check that we were provided 2 arguments: a type name
+ * and a member of that type.
+ */
+ if (argc != 2)
+ return (DCMD_USAGE);
+
ret = args_to_typename(&argc, &argv, buf, sizeof (buf));
if (ret != 0)
return (ret);
argv++;