diff options
author | Warner Losh <imp@bsdimp.com> | 2021-09-16 18:43:01 -0600 |
---|---|---|
committer | Warner Losh <imp@bsdimp.com> | 2021-10-17 16:55:52 -0600 |
commit | 14837a3f7540f38ba78261238da3914a6529d882 (patch) | |
tree | 94292409475bdd1a2825249a3d07cfe45621f93f | |
parent | 36d5d891559f6b9f0bae4907669de9bfdf5d4d94 (diff) | |
download | qemu-14837a3f7540f38ba78261238da3914a6529d882.zip qemu-14837a3f7540f38ba78261238da3914a6529d882.tar.gz qemu-14837a3f7540f38ba78261238da3914a6529d882.tar.bz2 |
bsd-user/mmap.c: mmap return ENOMEM on overflow
mmap should return ENOMEM on len overflow rather than EINVAL. Return
EINVAL when len == 0 and ENOMEM when the rounded to a page length is 0.
Found by make check-tcg.
Signed-off-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Kyle Evans <kevans@FreeBSD.org>
-rw-r--r-- | bsd-user/mmap.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/bsd-user/mmap.c b/bsd-user/mmap.c index 6f33aec..f0be3b1 100644 --- a/bsd-user/mmap.c +++ b/bsd-user/mmap.c @@ -455,11 +455,18 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, goto fail; } - len = TARGET_PAGE_ALIGN(len); if (len == 0) { errno = EINVAL; goto fail; } + + /* Check for overflows */ + len = TARGET_PAGE_ALIGN(len); + if (len == 0) { + errno = ENOMEM; + goto fail; + } + real_start = start & qemu_host_page_mask; host_offset = offset & qemu_host_page_mask; |