Author: kib Date: Tue Jul 31 18:00:47 2018 New Revision: 336987 URL: https://svnweb.freebsd.org/changeset/base/336987
Log: For compat32, emulate the same wraparound check as occurs on the real ILP32 system. Reported by and discussed with: asomers PR: 230162 Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D16525 Modified: head/sys/vm/vm_mmap.c Modified: head/sys/vm/vm_mmap.c ============================================================================== --- head/sys/vm/vm_mmap.c Tue Jul 31 17:53:24 2018 (r336986) +++ head/sys/vm/vm_mmap.c Tue Jul 31 18:00:47 2018 (r336987) @@ -600,6 +600,12 @@ kern_mprotect(struct thread *td, uintptr_t addr0, size addr -= pageoff; size += pageoff; size = (vm_size_t) round_page(size); +#ifdef COMPAT_FREEBSD32 + if (SV_PROC_FLAG(td->td_proc, SV_ILP32)) { + if (((addr + size) & 0xffffffff) < addr) + return (EINVAL); + } else +#endif if (addr + size < addr) return (EINVAL); _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
