
Avoid overflow in checking the size of free gaps in vm_map_findspace
Closed, Public

Authored by dougm on Jun 10 2019, 9:53 PM.

Details

Summary

To test to see if a free space is big enough, compare the required length to the difference of the two offsets that define the gap, to avoid overflow, rather than adding the length to an offset and comparing that to another offset.

This addresses an overflow issue reported by Peter Holm on i386.
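
The comparison described in the summary, as an added example that is not part of this revision or of vm_map.c: with 32-bit offsets, adding the length to the start of a gap wraps and accepts a gap that is far too small, while comparing the length to `end - start` rejects it. The type, the function names and the gap values are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: offsets are 32 bits wide, as on i386. Names are hypothetical. */
typedef uint32_t offset_t;
#define NO_SPACE UINT32_MAX

struct gap { offset_t start, end; };            /* free range [start, end) */
typedef bool (*fit_fn)(offset_t start, offset_t end, offset_t length);

/* Add, then compare: start + length is reduced mod 2^32 and can wrap. */
static bool fits_by_sum(offset_t start, offset_t end, offset_t length)
{
    return (offset_t)(start + length) <= end;
}

/* Subtract, then compare: end - start cannot wrap once start <= end holds. */
static bool fits_by_diff(offset_t start, offset_t end, offset_t length)
{
    return start <= end && length <= end - start;
}

/* First fit at or above hint; returns the chosen address or NO_SPACE. */
static offset_t find_space(const struct gap *gaps, size_t n, offset_t hint,
    offset_t length, fit_fn fits)
{
    for (size_t i = 0; i < n; i++) {
        offset_t start = gaps[i].start > hint ? gaps[i].start : hint;
        if (start < gaps[i].end && fits(start, gaps[i].end, length))
            return start;
    }
    return NO_SPACE;
}

/* Constructed sample map: one 16 KiB gap and one 2 MiB gap. */
static const struct gap sample_gaps[] = {
    { 0x10000000u, 0x10004000u },
    { 0xbfc00000u, 0xbfe00000u },
};

int main(void)
{
    offset_t big = 0xf0000000u;                 /* larger than either gap */
    printf("sum:  %#jx\n", (uintmax_t)find_space(sample_gaps, 2, 0, big, fits_by_sum));
    printf("diff: %#jx\n", (uintmax_t)find_space(sample_gaps, 2, 0, big, fits_by_diff));
    return 0;
}
```

On a 64-bit build the same sum does not wrap for these values, which is why the failure shows up on i386 first.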

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Is this a fix for the i386 wrap issue, or just a related change?

vm_map.c
1802 ↗(On Diff #58495)

(void *) space before star.

Since you are changing format, note that the length is truncated. Perhaps use %ju (I would prefer %jx) and cast to uintmax_t for length.

dougm edited the summary of this revision.

Change formatting in error log, as suggested.

kib added inline comments.
vm_map.c
1801 ↗(On Diff #58518)

I suggest %#jx

This revision is now accepted and ready to land. (Jun 11 2019, 2:52 PM)

I tested this patch on i386 with all of the mmap() tests I have. I also ran the same tests on amd64 plus a buildworld.
I can run a full test if you prefer that.

This revision was automatically updated to reflect the committed changes.