Sanitize arguments to linux_mremap().

Check that only MREMAP_FIXED and MREMAP_MAYMOVE flags are specified.
Check for the page alignment of the addr argument.

Submitted by:	rdivacky
MFC after:	1 week
This commit is contained in:
kib 2008-02-22 11:47:56 +00:00
parent 0370efee5e
commit 7ad2fb2ee1
2 changed files with 18 additions and 0 deletions

View File

@ -588,6 +588,21 @@ linux_mremap(struct thread *td, struct linux_mremap_args *args)
(unsigned long)args->new_len,
(unsigned long)args->flags);
#endif
if (args->flags & ~(LINUX_MREMAP_FIXED | LINUX_MREMAP_MAYMOVE)) {
td->td_retval[0] = 0;
return (EINVAL);
}
/*
* Check for the page alignment.
* Linux defines PAGE_MASK to be FreeBSD ~PAGE_MASK.
*/
if (args->addr & PAGE_MASK) {
td->td_retval[0] = 0;
return (EINVAL);
}
args->new_len = round_page(args->new_len);
args->old_len = round_page(args->old_len);

View File

@ -42,4 +42,7 @@
#define LINUX_MAX_COMM_LEN 16 /* Maximum length of the process name. */
#define LINUX_MREMAP_MAYMOVE 1
#define LINUX_MREMAP_FIXED 2
#endif /* _LINUX_MISC_H_ */