aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoraurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162>2008-12-08 18:12:33 +0000
committeraurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162>2008-12-08 18:12:33 +0000
commit45bc1f5264a6835239e1c183b78d40bb45310f6c (patch)
treed2f1ea4c21aca1313b72f399cb047e19bec67f37
parentfb1c2cd7d9a9955a98eb7c874a74122f1e964811 (diff)
downloadqemu-45bc1f5264a6835239e1c183b78d40bb45310f6c.zip
qemu-45bc1f5264a6835239e1c183b78d40bb45310f6c.tar.gz
qemu-45bc1f5264a6835239e1c183b78d40bb45310f6c.tar.bz2
linux-user: mmap: add check if requested memory area fits target address space
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5958 c046a42c-6fe2-441c-8c8c-71466251a162
-rw-r--r--linux-user/mmap.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index d5f22b8..2d0c684 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -382,6 +382,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
end = start + len;
real_end = HOST_PAGE_ALIGN(end);
+ /*
+ * Test if requested memory area fits target address space
+ * It can fail only on 64-bit host with 32-bit target.
+ * On any other target/host host mmap() handles this error correctly.
+ */
+ if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
+ errno = EINVAL;
+ goto fail;
+ }
+
for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
flg = page_get_flags(addr);
if (flg & PAGE_RESERVED) {