- Change mmap() to fail requests with EINVAL that pass a length of 0. This

behavior is mandated by POSIX. - Do not fail requests that pass a length greater than SSIZE_MAX (such as > 2GB on 32-bit platforms). The 'len' parameter is actually an unsigned 'size_t' so negative values don't really make sense. Submitted by: Alexander Best alexbestms at math.uni-muenster.de Reviewed by: alc Approved by: re (kib) MFC after: 1 week
2009-07-14 19:45:36 +00:00 · 2009-07-14 19:45:36 +00:00 · 0fe0ed8bf8
commit 0fe0ed8bf8
parent ec71a417a8
2 changed files with 3 additions and 3 deletions
--- a/lib/libc/sys/mmap.2
+++ b/lib/libc/sys/mmap.2
@ -28,7 +28,7 @@
 .\"	@(#)mmap.2	8.4 (Berkeley) 5/11/95
 .\" $FreeBSD$
 .\"
-.Dd October 24, 2008
+.Dd July 14, 2009
 .Dt MMAP 2
 .Os
 .Sh NAME
@ -306,7 +306,7 @@ resides out of the valid address space for a user process.
 The
 .Fa len
 argument
-was negative.
+was equal to zero.
 .It Bq Er EINVAL
 .Dv MAP_ANON
 was specified and the
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@ -229,7 +229,7 @@ mmap(td, uap)

 	fp = NULL;
 	/* make sure mapping fits into numeric range etc */
-	if ((ssize_t) uap->len < 0 ||
+	if (uap->len == 0 ||
 	    ((flags & MAP_ANON) && uap->fd != -1))
 		return (EINVAL);