https://bugs.kde.org/show_bug.cgi?id=506970
Mark Wielaard <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REPORTED                    |CONFIRMED
     Ever confirmed|0                           |1

--- Comment #1 from Mark Wielaard <[email protected]> ---
Proposed patch
https://code.wildebeest.org/git/user/mjw/valgrind/commit/?h=mmap-fd-check

diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c index 50415a2fa..2ba3ca9df 100644 --- a/coregrind/m_syswrap/syswrap-generic.c +++ b/coregrind/m_syswrap/syswrap-generic.c @@ -2653,6 +2653,12 @@ ML_(generic_PRE_sys_mmap) ( ThreadId tid, VG_(core_panic)("can't use ML_(generic_PRE_sys_mmap) on Darwin"); # endif + if (!(arg4 & VKI_MAP_ANONYMOUS) + && (!ML_(fd_allowed)(arg5, "mmap", tid, False) + || VG_(fcntl) (arg5, VKI_F_GETFD, 0) < 0)) { + return VG_(mk_SysRes_Error)( VKI_EBADF ); + } + if (arg2 == 0) { /* SuSV3 says: If len is zero, mmap() shall fail and no mapping shall be established. */

Seems to do as expected, if you know that arg4 is flags, arg5 is fd, that if flags contains MAP_ANONYMOUS fd is ignored and that ML_(fd_allowed) might just warn (with --track-fds), so checking with fcntl (F_GETFD) is needed to know if it really is a bad fd. Will add a comment with the above.
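
Review bot: The new EBADF check in ML_(generic_PRE_sys_mmap) sits ahead of the existing `if (arg2 == 0)` length test, so a non-anonymous mmap with both a zero length and a bad fd now returns EBADF before the length check is reached. Please confirm that this ordering matches what the kernel reports for that combination, or move the fd check below the length test. The condition also needs the comment promised in the bug: arg4 is flags, arg5 is fd, fd is ignored when flags contains MAP_ANONYMOUS, and ML_(fd_allowed) might only warn with --track-fds, which is why the `VG_(fcntl) (arg5, VKI_F_GETFD, 0) < 0` probe is there. Without it the second half of the `||` reads as redundant.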
