* [PATCH] prevent allocs than PTRDIFF_MAX via mremap
From: Daniel Micay @ 2015-10-31 9:14 UTC (permalink / raw)
To: musl; +Cc: Daniel Micay
It's quite feasible for this to happen via MREMAP_MAYMOVE.
---
src/mman/mremap.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/mman/mremap.c b/src/mman/mremap.c
index 596c45f..1096ace 100644
--- a/src/mman/mremap.c
+++ b/src/mman/mremap.c
@@ -1,5 +1,7 @@
#include <unistd.h>
#include <sys/mman.h>
+#include <errno.h>
+#include <stdint.h>
#include <stdarg.h>
#include "syscall.h"
#include "libc.h"
@@ -8,7 +10,12 @@ void *__mremap(void *old_addr, size_t old_len, size_t new_len, int flags, ...)
{
va_list ap;
void *new_addr;
-
+
+ if (new_len >= PTRDIFF_MAX) {
+ errno = ENOMEM;
+ return MAP_FAILED;
+ }
+
va_start(ap, flags);
new_addr = va_arg(ap, void *);
va_end(ap);
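Review bot: the new guard in `__mremap` compares with `>=`, so a `new_len` of exactly PTRDIFF_MAX is refused along with anything larger, and neither the commit message nor the code says why the bound exists or that the boundary value is excluded on purpose. A one-line comment above `if (new_len >= PTRDIFF_MAX) {` would keep a later reader from changing it to `>`. Two smaller points: the `-`/`+` pair on the blank line after `void *new_addr;` is a whitespace-only change and should be dropped from the patch, and the unchanged `va_arg(ap, void *)` that follows the check still fetches `new_addr` whatever `flags` contains, so the size check is the only thing here that is evaluated independently of the flags.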
--
2.6.2
* Re: [PATCH] prevent allocs than PTRDIFF_MAX via mremap
From: Daniel Micay @ 2015-10-31 9:20 UTC (permalink / raw)
To: musl
It seems like a call to __vm_wait() might also be needed here when
MREMAP_FIXED is passed as a flag. I don't know anything about robust
futexes though, so someone else will need to figure that out.
* Re: Re: [PATCH] prevent allocs than PTRDIFF_MAX via mremap
From: Rich Felker @ 2015-10-31 20:30 UTC (permalink / raw)
To: musl
On Sat, Oct 31, 2015 at 05:20:10AM -0400, Daniel Micay wrote:
> It seems like a call to __vm_wait() might also be needed here when
> MREMAP_FIXED is passed as a flag. I don't know anything about robust
> futexes though, so someone else will need to figure that out.
Thanks. I'll review both issues and see if there's anything else wrong
in this file. I think there's at least one other conceptual problem:
use of va_arg when the flags that do indicate that a variadic argument
was passed.
Rich
* Re: Re: [PATCH] prevent allocs than PTRDIFF_MAX via mremap
From: Rich Felker @ 2015-11-02 21:46 UTC (permalink / raw)
To: musl
On Sat, Oct 31, 2015 at 04:30:39PM -0400, Rich Felker wrote:
> On Sat, Oct 31, 2015 at 05:20:10AM -0400, Daniel Micay wrote:
> > It seems like a call to __vm_wait() might also be needed here when
> > MREMAP_FIXED is passed as a flag. I don't know anything about robust
> > futexes though, so someone else will need to figure that out.
>
> Thanks. I'll review both issues and see if there's anything else wrong
> in this file. I think there's at least one other conceptual problem:
> use of va_arg when the flags that do indicate that a variadic argument
> was passed.
I've committed your patch and the additional changes from this thread.
Thanks!
Rich