Fix integer overflow caused by large addr + size in memory-related syscall

This commit is contained in:
Marsman1996
2024-08-26 13:54:11 +08:00
committed by Tate, Hongliang Tian
parent e6e771e9b5
commit 0a8ad6971a
4 changed files with 25 additions and 7 deletions


@ -25,6 +25,10 @@ pub fn sys_madvise(
}
let len = len.align_up(PAGE_SIZE);
let end = start.checked_add(len).ok_or(Error::with_message(
Errno::EINVAL,
"integer overflow when (start + len)",
))?;
match behavior {
MadviseBehavior::MADV_NORMAL
| MadviseBehavior::MADV_SEQUENTIAL
@ -37,15 +41,15 @@ pub fn sys_madvise(
MadviseBehavior::MADV_DONTNEED => {
warn!("MADV_DONTNEED isn't implemented, do nothing for now.");
}
MadviseBehavior::MADV_FREE => madv_free(start, len, ctx)?,
MadviseBehavior::MADV_FREE => madv_free(start, end, ctx)?,
_ => todo!(),
}
Ok(SyscallReturn::Return(0))
}
fn madv_free(start: Vaddr, len: usize, ctx: &Context) -> Result<()> {
fn madv_free(start: Vaddr, end: Vaddr, ctx: &Context) -> Result<()> {
let root_vmar = ctx.process.root_vmar();
let advised_range = start..start + len;
let advised_range = start..end;
let _ = root_vmar.destroy(advised_range);
Ok(())