mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-18 22:14:16 +00:00 
			
		
		
		
	[PATCH] uclinux: fix mmap() of directory for nommu case
I was playing with blackfin when i hit a neat bug ... doing an open() on a directory and then passing that fd to mmap() would cause the kernel to hang after poking into the code a bit more, i found that mm/nommu.c:validate_mmap_request() checks the length and if it is 0, just returns the address ... this is in stark contrast to mmu's mm/mmap.c:do_mmap_pgoff() where it returns -EINVAL for 0 length requests ... i then noticed that some other parts of the logic is out of date between the two funcs, so perhaps that's the easy fix ? Signed-off-by: Greg Ungerer <gerg@uclinux.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
		
							parent
							
								
									3363c9b0ed
								
							
						
					
					
						commit
						f81cff0d40
					
				
					 1 changed files with 7 additions and 5 deletions
				
			
		
							
								
								
									
										12
									
								
								mm/nommu.c
									
										
									
									
									
								
							
							
						
						
									
										12
									
								
								mm/nommu.c
									
										
									
									
									
								
							|  | @ -497,15 +497,17 @@ static int validate_mmap_request(struct file *file, | |||
| 	    (flags & MAP_TYPE) != MAP_SHARED) | ||||
| 		return -EINVAL; | ||||
| 
 | ||||
| 	if (PAGE_ALIGN(len) == 0) | ||||
| 		return addr; | ||||
| 
 | ||||
| 	if (len > TASK_SIZE) | ||||
| 	if (!len) | ||||
| 		return -EINVAL; | ||||
| 
 | ||||
| 	/* Careful about overflows.. */ | ||||
| 	len = PAGE_ALIGN(len); | ||||
| 	if (!len || len > TASK_SIZE) | ||||
| 		return -ENOMEM; | ||||
| 
 | ||||
| 	/* offset overflow? */ | ||||
| 	if ((pgoff + (len >> PAGE_SHIFT)) < pgoff) | ||||
| 		return -EINVAL; | ||||
| 		return -EOVERFLOW; | ||||
| 
 | ||||
| 	if (file) { | ||||
| 		/* validate file mapping requests */ | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue
	
	 Mike Frysinger
						Mike Frysinger