https://bugs.kde.org/show_bug.cgi?id=504341
Mark Wielaard <m...@klomp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |z...@gentoo.org

--- Comment #6 from Mark Wielaard <m...@klomp.org> ---
So on the mailing list Matthias z...@gentoo.org suggested to do the ML_(safe_to_deref) checks up front and immediately flag VKI_EFAULT. That way the logic later in the PRE handler can stay the same.

So if we revert the change, then that would look like:

diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index d4653d027396..500bc43acf8e 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -2295,10 +2295,20 @@ PRE(sys_prlimit64) vki_pid_t, pid, unsigned int, resource, const struct rlimit64 *, new_rlim, struct rlimit64 *, old_rlim); - if (ARG3) + if (ARG3) { PRE_MEM_READ( "rlimit64(new_rlim)", ARG3, sizeof(struct vki_rlimit64) ); - if (ARG4) + if (!ML_(safe_to_deref)((void*)(Addr)ARG3, sizeof(struct vki_rlimit64))) { + SET_STATUS_Failure(VKI_EFAULT); + return; + } + } + if (ARG4) { PRE_MEM_WRITE( "rlimit64(old_rlim)", ARG4, sizeof(struct vki_rlimit64) ); + if (!ML_(safe_to_deref)((void*)(Addr)ARG4, sizeof(struct vki_rlimit64))) { + SET_STATUS_Failure(VKI_EFAULT); + return; + } + } if (ARG3 && ((struct vki_rlimit64 *)(Addr)ARG3)->rlim_cur

Testing that now against both regtest and ltpchecks
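Review bot: the ML_(safe_to_deref) check on ARG3 sits after PRE_MEM_READ and returns before the later `if (ARG3 && ((struct vki_rlimit64 *)(Addr)ARG3)->rlim_cur` line, so an unaddressable new_rlim is first reported by the tool and then failed with VKI_EFAULT without the handler itself dereferencing ARG3; that ordering is the point of the change and deserves a one-line comment above each `if (!ML_(safe_to_deref)(...))` block saying the early return protects the handler's own read below, otherwise a later cleanup may merge the two checks or move the return. The same applies to the ARG4 block, where the check guards only against a bad old_rlim pointer and mirrors the kernel's EFAULT. Note that the hunk header promises 20 new lines but the mail cuts the hunk off at the `rlim_cur` context line, so the trailing unchanged context and the end of the handler cannot be reviewed from what is quoted here.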