diff mbox series

[5/6] linux-user: Check is_hostfd in mmap syscalls

Message ID 20180531224911.23725-6-richard.henderson@linaro.org
State New
Headers show
Series linux-user: Reorg interp_prefix handling | expand

Commit Message

Richard Henderson May 31, 2018, 10:49 p.m. UTC
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

---
 linux-user/syscall.c | 9 +++++++++
 1 file changed, 9 insertions(+)

-- 
2.17.0

Comments

Laurent Vivier June 1, 2018, 8:57 p.m. UTC | #1
Le 01/06/2018 à 00:49, Richard Henderson a écrit :
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

> ---

>  linux-user/syscall.c | 9 +++++++++

>  1 file changed, 9 insertions(+)

> 


Reviewed-by: Laurent Vivier <laurent@vivier.eu>
diff mbox series

Patch

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b98125829b..d7513d5dac 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9605,11 +9605,17 @@  abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
             v5 = tswapal(v[4]);
             v6 = tswapal(v[5]);
             unlock_user(v, arg1, 0);
+            if (is_hostfd(v5)) {
+                goto ebadf;
+            }
             ret = get_errno(target_mmap(v1, v2, v3,
                                         target_to_host_bitmask(v4, mmap_flags_tbl),
                                         v5, v6));
         }
 #else
+        if (is_hostfd(arg5)) {
+            goto ebadf;
+        }
         ret = get_errno(target_mmap(arg1, arg2, arg3,
                                     target_to_host_bitmask(arg4, mmap_flags_tbl),
                                     arg5,
@@ -9622,6 +9628,9 @@  abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 #ifndef MMAP_SHIFT
 #define MMAP_SHIFT 12
 #endif
+        if (is_hostfd(arg5)) {
+            goto ebadf;
+        }
         ret = get_errno(target_mmap(arg1, arg2, arg3,
                                     target_to_host_bitmask(arg4, mmap_flags_tbl),
                                     arg5,