crt_malloc: more accurate handling of mmap(2) failure

Reset both pagepool_start and pagepool_end after a mmap(2) failure, to avoid using invalid pagepool either for allocation or munmap(2). PR: 259076 Noted by: Denis Koreshkov <dynamic-wind@mail.ru> Reviewed by: arichardson Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D32514
2021-10-15 20:59:37 +03:00 · 2021-10-15 20:59:37 +03:00 · 73dddffc31
commit 73dddffc31
parent e1d6d6f924
1 changed files with 4 additions and 4 deletions
--- a/libexec/rtld-elf/rtld_malloc.c
+++ b/libexec/rtld-elf/rtld_malloc.c
@ -271,21 +271,21 @@ morepages(int n)
 		}
 	}

-	if (pagepool_start == MAP_FAILED)
-		pagepool_start = 0;
 	offset = (uintptr_t)pagepool_start - rounddown2(
 	    (uintptr_t)pagepool_start, pagesz);

-	pagepool_start = mmap(0, n * pagesz, PROT_READ | PROT_WRITE,
+	addr = mmap(0, n * pagesz, PROT_READ | PROT_WRITE,
 	    MAP_ANON | MAP_PRIVATE, -1, 0);
-	if (pagepool_start == MAP_FAILED) {
+	if (addr == MAP_FAILED) {
 #ifdef IN_RTLD
 		rtld_fdprintf(STDERR_FILENO, _BASENAME_RTLD ": morepages: "
 		    "cannot mmap anonymous memory: %s\n",
 		    rtld_strerror(errno));
 #endif
+		pagepool_start = pagepool_end = NULL;
 		return (0);
 	}
+	pagepool_start = addr;
 	pagepool_end = pagepool_start + n * pagesz;
 	pagepool_start += offset;