# HG changeset patch
# User Paul Boddie <paul@boddie.org.uk>
# Date 1561848204 -7200
# Node ID 8bd275fa058d23f06f114f3ea11fabfde88ad97e
# Parent  0d36efa79efbe816842bd4040ead2bcff4b5c6e9
Obtain transferred strings/names safely.

diff -r 0d36efa79efb -r 8bd275fa058d server/src/main.cc
--- a/server/src/main.cc	Sat Jun 29 22:32:04 2019 +0200
+++ b/server/src/main.cc	Sun Jun 30 00:43:24 2019 +0200
@@ -157,9 +157,8 @@
 
   void mount(ipc_message_t *msg)
   {
+    fs_object_t fsobj;
     l4_cap_idx_t server;
-    l4re_ds_t ds;
-    char *buffer;
     long err;
 
     /* Obtain the filesystem capability. */
@@ -173,7 +172,7 @@
 
     /* Obtain the dataspace. */
 
-    err = ipc_message_import_dataspace(msg, 1, &ds, (l4_addr_t *) &buffer);
+    err = fsdesc_import_dataspace(msg, 1, &fsobj);
     if (err)
     {
       ipc_message_send_error(msg, -L4_EIO);
@@ -182,7 +181,13 @@
 
     /* Obtain the object's path. */
 
-    char *path = buffer;
+    char *path = fsdesc_get_name(&fsobj);
+
+    if (path == NULL)
+    {
+      ipc_message_send_error(msg, -L4_EINVAL);
+      return;
+    }
 
     /* Mount the supplied capability. */
 
@@ -190,7 +195,7 @@
 
     /* Free the capability and buffer from this task. */
 
-    ipc_message_discard_dataspace(msg, ds, (l4_addr_t) buffer);
+    fsdesc_deallocate_buffer(&fsobj);
   }
 
   /* Non-exported methods. */