From b8bec5a415bad1f8839de0a952f9cc69b3a114bf Mon Sep 17 00:00:00 2001 From: Dmitry Chagin Date: Tue, 7 Mar 2017 17:12:22 +0000 Subject: [PATCH] Linux semop system call return EINVAL in case when the invalid nsops or semid values specified. MFC after: 1 month --- sys/compat/linux/linux_ipc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/compat/linux/linux_ipc.c b/sys/compat/linux/linux_ipc.c index a8c55099ed8..082fec1caac 100644 --- a/sys/compat/linux/linux_ipc.c +++ b/sys/compat/linux/linux_ipc.c @@ -513,6 +513,8 @@ linux_semop(struct thread *td, struct linux_semop_args *args) int nsops; } */ bsd_args; + if (args->nsops < 1 || args->semid < 0) + return (EINVAL); bsd_args.semid = args->semid; bsd_args.sops = PTRIN(args->tsops); bsd_args.nsops = args->nsops;
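Review bot: the new guard in linux_semop(), `if (args->nsops < 1 || args->semid < 0)`, only does what the subject line promises if both fields of struct linux_semop_args are signed, and the hunk does not show their declarations. If either is an unsigned Linux type, `args->semid < 0` is always false and the nsops test only rejects zero, so a negative value from userland would still be copied into bsd_args (where the comment shows `int nsops`) as before. Please confirm the field types, or cast to int explicitly in the comparison so the intent is unambiguous. The check also covers only the lower bound of nsops, so an oversized count is still left to the native call to reject; if that is deliberate, a one-line comment above the check saying that it exists to match the Linux errno for these two cases, with the upper bound handled downstream, would keep it from being removed as redundant later.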